src/applications/auth/engine/PhabricatorAuthSessionEngine.php
Show First 20 Lines • Show All 104 Lines • ▼ Show 20 Lines | switch ($session_kind) { | ||||
case self::KIND_EXTERNAL: | case self::KIND_EXTERNAL: | ||||
// TODO: Implement these (T4310). | // TODO: Implement these (T4310). | ||||
return null; | return null; | ||||
} | } | ||||
$session_table = new PhabricatorAuthSession(); | $session_table = new PhabricatorAuthSession(); | ||||
$user_table = new PhabricatorUser(); | $user_table = new PhabricatorUser(); | ||||
$conn_r = $session_table->establishConnection('r'); | $conn_r = $session_table->establishConnection('r'); | ||||
$session_key = PhabricatorHash::digest($session_token); | $session_key = PhabricatorHash::weakDigest($session_token); | ||||
$cache_parts = $this->getUserCacheQueryParts($conn_r); | $cache_parts = $this->getUserCacheQueryParts($conn_r); | ||||
list($cache_selects, $cache_joins, $cache_map, $types_map) = $cache_parts; | list($cache_selects, $cache_joins, $cache_map, $types_map) = $cache_parts; | ||||
$info = queryfx_one( | $info = queryfx_one( | ||||
$conn_r, | $conn_r, | ||||
'SELECT | 'SELECT | ||||
s.id AS s_id, | s.id AS s_id, | ||||
▲ Show 20 Lines • Show All 113 Lines • ▼ Show 20 Lines | public function establishSession($session_type, $identity_phid, $partial) { | ||||
} | } | ||||
$session_table = new PhabricatorAuthSession(); | $session_table = new PhabricatorAuthSession(); | ||||
$conn_w = $session_table->establishConnection('w'); | $conn_w = $session_table->establishConnection('w'); | ||||
// This has a side effect of validating the session type. | // This has a side effect of validating the session type. | ||||
$session_ttl = PhabricatorAuthSession::getSessionTypeTTL($session_type); | $session_ttl = PhabricatorAuthSession::getSessionTypeTTL($session_type); | ||||
$digest_key = PhabricatorHash::digest($session_key); | $digest_key = PhabricatorHash::weakDigest($session_key); | ||||
// Logging-in users don't have CSRF stuff yet, so we have to unguard this | // Logging-in users don't have CSRF stuff yet, so we have to unguard this | ||||
// write. | // write. | ||||
$unguarded = AphrontWriteGuard::beginScopedUnguardedWrites(); | $unguarded = AphrontWriteGuard::beginScopedUnguardedWrites(); | ||||
id(new PhabricatorAuthSession()) | id(new PhabricatorAuthSession()) | ||||
->setUserPHID($identity_phid) | ->setUserPHID($identity_phid) | ||||
->setType($session_type) | ->setType($session_type) | ||||
->setSessionKey($digest_key) | ->setSessionKey($digest_key) | ||||
▲ Show 20 Lines • Show All 49 Lines • ▼ Show 20 Lines | public function terminateLoginSessions( | ||||
$except_session = null) { | $except_session = null) { | ||||
$sessions = id(new PhabricatorAuthSessionQuery()) | $sessions = id(new PhabricatorAuthSessionQuery()) | ||||
->setViewer($user) | ->setViewer($user) | ||||
->withIdentityPHIDs(array($user->getPHID())) | ->withIdentityPHIDs(array($user->getPHID())) | ||||
->execute(); | ->execute(); | ||||
if ($except_session !== null) { | if ($except_session !== null) { | ||||
$except_session = PhabricatorHash::digest($except_session); | $except_session = PhabricatorHash::weakDigest($except_session); | ||||
} | } | ||||
foreach ($sessions as $key => $session) { | foreach ($sessions as $key => $session) { | ||||
if ($except_session !== null) { | if ($except_session !== null) { | ||||
$is_except = phutil_hashes_are_identical( | $is_except = phutil_hashes_are_identical( | ||||
$session->getSessionKey(), | $session->getSessionKey(), | ||||
$except_session); | $except_session); | ||||
if ($is_except) { | if ($is_except) { | ||||
▲ Show 20 Lines • Show All 432 Lines • ▼ Show 20 Lines | $parts = array( | ||||
$key, | $key, | ||||
$user->getAccountSecret(), | $user->getAccountSecret(), | ||||
); | ); | ||||
if ($email) { | if ($email) { | ||||
$parts[] = $email->getVerificationCode(); | $parts[] = $email->getVerificationCode(); | ||||
} | } | ||||
return PhabricatorHash::digest(implode(':', $parts)); | return PhabricatorHash::weakDigest(implode(':', $parts)); | ||||
} | } | ||||
/* -( User Cache )--------------------------------------------------------- */ | /* -( User Cache )--------------------------------------------------------- */ | ||||
/** | /** | ||||
* @task cache | * @task cache | ||||
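Review bot: The four `PhabricatorHash::weakDigest()` calls in the right-hand column (`$session_key` before the `queryfx_one()` lookup, `$digest_key` in `establishSession()`, `$except_session` in `terminateLoginSessions()`, and the `implode(':', $parts)` return) have no comment explaining why a digest named "weak" is acceptable for stored session keys and token hashes. What `weakDigest()` computes is not visible on this page, so it is worth confirming that it returns exactly what `digest()` did; if it does not, rows already in the session table and outstanding token hashes would stop matching. I would add a comment at each site along the lines of `// weakDigest() is acceptable here only because the input is a high-entropy secret; it is used to derive the stored lookup value, not to protect a guessable input.` That claim is an assumption to verify, in particular for `$key` in the last section, which is combined with the account secret and an optional verification code. The enclosing functions start and end outside the visible lines.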