Page MenuHomePhabricator
Differential D15476 Diff 37310 src/applications/auth/engine/PhabricatorAuthSessionEngine.php

Changeset View

Standalone View

View Options

src/applications/auth/engine/PhabricatorAuthSessionEngine.php

Show All 33 Linesfinal class PhabricatorAuthSessionEngine extends Phobject {
/** /**
* Session kind isn't known. * Session kind isn't known.
*/ */
const KIND_UNKNOWN = '?'; const KIND_UNKNOWN = '?';
/**
* Temporary tokens for one time logins.
*/
const ONETIME_TEMPORARY_TOKEN_TYPE = 'login:onetime';
/**
* Temporary tokens for password recovery after one time login.
*/
const PASSWORD_TEMPORARY_TOKEN_TYPE = 'login:password';
const ONETIME_RECOVER = 'recover'; const ONETIME_RECOVER = 'recover';
const ONETIME_RESET = 'reset'; const ONETIME_RESET = 'reset';
const ONETIME_WELCOME = 'welcome'; const ONETIME_WELCOME = 'welcome';
const ONETIME_USERNAME = 'rename'; const ONETIME_USERNAME = 'rename';
/** /**
* Get the session kind (e.g., anonymous, user, external account) from a * Get the session kind (e.g., anonymous, user, external account) from a
▲ Show 20 LinesShow All 576 Lines▼ Show 20 Lines/* -( One Time Login URIs )------------------------------------------------ */
*/ */
public function getOneTimeLoginURI( public function getOneTimeLoginURI(
PhabricatorUser $user, PhabricatorUser $user,
PhabricatorUserEmail $email = null, PhabricatorUserEmail $email = null,
$type = self::ONETIME_RESET) { $type = self::ONETIME_RESET) {
$key = Filesystem::readRandomCharacters(32); $key = Filesystem::readRandomCharacters(32);
$key_hash = $this->getOneTimeLoginKeyHash($user, $email, $key); $key_hash = $this->getOneTimeLoginKeyHash($user, $email, $key);
$onetime_type = PhabricatorAuthOneTimeLoginTemporaryTokenType::TOKENTYPE;
$unguarded = AphrontWriteGuard::beginScopedUnguardedWrites(); $unguarded = AphrontWriteGuard::beginScopedUnguardedWrites();
id(new PhabricatorAuthTemporaryToken()) id(new PhabricatorAuthTemporaryToken())
->setObjectPHID($user->getPHID()) ->setObjectPHID($user->getPHID())
->setTokenType(self::ONETIME_TEMPORARY_TOKEN_TYPE) ->setTokenType($onetime_type)
->setTokenExpires(time() + phutil_units('1 day in seconds')) ->setTokenExpires(time() + phutil_units('1 day in seconds'))
->setTokenCode($key_hash) ->setTokenCode($key_hash)
->save(); ->save();
unset($unguarded); unset($unguarded);
$uri = '/login/once/'.$type.'/'.$user->getID().'/'.$key.'/'; $uri = '/login/once/'.$type.'/'.$user->getID().'/'.$key.'/';
if ($email) { if ($email) {
$uri = $uri.$email->getID().'/'; $uri = $uri.$email->getID().'/';
Show All 22 Lines/* -( One Time Login URIs )------------------------------------------------ */
* @task onetime * @task onetime
*/ */
public function loadOneTimeLoginKey( public function loadOneTimeLoginKey(
PhabricatorUser $user, PhabricatorUser $user,
PhabricatorUserEmail $email = null, PhabricatorUserEmail $email = null,
$key = null) { $key = null) {
$key_hash = $this->getOneTimeLoginKeyHash($user, $email, $key); $key_hash = $this->getOneTimeLoginKeyHash($user, $email, $key);
$onetime_type = PhabricatorAuthOneTimeLoginTemporaryTokenType::TOKENTYPE;
return id(new PhabricatorAuthTemporaryTokenQuery()) return id(new PhabricatorAuthTemporaryTokenQuery())
->setViewer($user) ->setViewer($user)
->withObjectPHIDs(array($user->getPHID())) ->withObjectPHIDs(array($user->getPHID()))
->withTokenTypes(array(self::ONETIME_TEMPORARY_TOKEN_TYPE)) ->withTokenTypes(array($onetime_type))
->withTokenCodes(array($key_hash)) ->withTokenCodes(array($key_hash))
->withExpired(false) ->withExpired(false)
->executeOne(); ->executeOne();
} }
/** /**
* Hash a one-time login key for storage as a temporary token. * Hash a one-time login key for storage as a temporary token.
Show All 26 Lines
Phabricator · Built by Phacility