Page MenuHomePhabricator
Differential D17632 Diff 42417 src/applications/auth/engine/PhabricatorAuthSessionEngine.php

Changeset View

Standalone View

View Options

src/applications/auth/engine/PhabricatorAuthSessionEngine.php

Show First 20 LinesShow All 104 Lines▼ Show 20 Lines switch ($session_kind) {
case self::KIND_EXTERNAL: case self::KIND_EXTERNAL:
// TODO: Implement these (T4310). // TODO: Implement these (T4310).
return null; return null;
} }
$session_table = new PhabricatorAuthSession(); $session_table = new PhabricatorAuthSession();
$user_table = new PhabricatorUser(); $user_table = new PhabricatorUser();
$conn_r = $session_table->establishConnection('r'); $conn_r = $session_table->establishConnection('r');
$session_key = PhabricatorHash::digest($session_token); $session_key = PhabricatorHash::weakDigest($session_token);
$cache_parts = $this->getUserCacheQueryParts($conn_r); $cache_parts = $this->getUserCacheQueryParts($conn_r);
list($cache_selects, $cache_joins, $cache_map, $types_map) = $cache_parts; list($cache_selects, $cache_joins, $cache_map, $types_map) = $cache_parts;
$info = queryfx_one( $info = queryfx_one(
$conn_r, $conn_r,
'SELECT 'SELECT
s.id AS s_id, s.id AS s_id,
▲ Show 20 LinesShow All 113 Lines▼ Show 20 Lines public function establishSession($session_type, $identity_phid, $partial) {
} }
$session_table = new PhabricatorAuthSession(); $session_table = new PhabricatorAuthSession();
$conn_w = $session_table->establishConnection('w'); $conn_w = $session_table->establishConnection('w');
// This has a side effect of validating the session type. // This has a side effect of validating the session type.
$session_ttl = PhabricatorAuthSession::getSessionTypeTTL($session_type); $session_ttl = PhabricatorAuthSession::getSessionTypeTTL($session_type);
$digest_key = PhabricatorHash::digest($session_key); $digest_key = PhabricatorHash::weakDigest($session_key);
// Logging-in users don't have CSRF stuff yet, so we have to unguard this // Logging-in users don't have CSRF stuff yet, so we have to unguard this
// write. // write.
$unguarded = AphrontWriteGuard::beginScopedUnguardedWrites(); $unguarded = AphrontWriteGuard::beginScopedUnguardedWrites();
id(new PhabricatorAuthSession()) id(new PhabricatorAuthSession())
->setUserPHID($identity_phid) ->setUserPHID($identity_phid)
->setType($session_type) ->setType($session_type)
->setSessionKey($digest_key) ->setSessionKey($digest_key)
▲ Show 20 LinesShow All 49 Lines▼ Show 20 Lines public function terminateLoginSessions(
$except_session = null) { $except_session = null) {
$sessions = id(new PhabricatorAuthSessionQuery()) $sessions = id(new PhabricatorAuthSessionQuery())
->setViewer($user) ->setViewer($user)
->withIdentityPHIDs(array($user->getPHID())) ->withIdentityPHIDs(array($user->getPHID()))
->execute(); ->execute();
if ($except_session !== null) { if ($except_session !== null) {
$except_session = PhabricatorHash::digest($except_session); $except_session = PhabricatorHash::weakDigest($except_session);
} }
foreach ($sessions as $key => $session) { foreach ($sessions as $key => $session) {
if ($except_session !== null) { if ($except_session !== null) {
$is_except = phutil_hashes_are_identical( $is_except = phutil_hashes_are_identical(
$session->getSessionKey(), $session->getSessionKey(),
$except_session); $except_session);
if ($is_except) { if ($is_except) {
▲ Show 20 LinesShow All 432 Lines▼ Show 20 Lines $parts = array(
$key, $key,
$user->getAccountSecret(), $user->getAccountSecret(),
); );
if ($email) { if ($email) {
$parts[] = $email->getVerificationCode(); $parts[] = $email->getVerificationCode();
} }
return PhabricatorHash::digest(implode(':', $parts)); return PhabricatorHash::weakDigest(implode(':', $parts));
} }
/* -( User Cache )--------------------------------------------------------- */ /* -( User Cache )--------------------------------------------------------- */
/** /**
* @task cache * @task cache
▲ Show 20 LinesShow All 91 LinesShow Last 20 Lines
Phabricator · Built by Phacility