authorEvan Prodromou <evan@status.net>2010-01-08 17:20:25 -0800
committerEvan Prodromou <evan@status.net>2010-01-09 15:26:06 -0800
commited5828f30ea0f7a30e01d407058990b06164c6f3 (patch)
tree7ad837785d6c6ea5156092543857df6447812a58 /lib
parentf396701b6466749c09ce16b1e7f2f96c10b05cdd (diff)
Redirect to a one-time-password when ssl and regular server are different
Diffstat (limited to 'lib')
-rw-r--r--lib/command.php24
-rw-r--r--lib/router.php5
2 files changed, 12 insertions, 17 deletions
diff --git a/lib/command.php b/lib/command.php
index 67140c348..f846fb823 100644
--- a/lib/command.php
+++ b/lib/command.php
@@ -650,25 +650,17 @@ class LoginCommand extends Command
$channel->error($this->user, _('Login command is disabled'));
return;
}
- $login_token = Login_token::staticGet('user_id',$this->user->id);
- if($login_token){
- $login_token->delete();
- }
- $login_token = new Login_token();
- $login_token->user_id = $this->user->id;
- $login_token->token = common_good_rand(16);
- $login_token->created = common_sql_now();
- $result = $login_token->insert();
- if (!$result) {
- common_log_db_error($login_token, 'INSERT', __FILE__);
- $channel->error($this->user, sprintf(_('Could not create login token for %s'),
- $this->user->nickname));
- return;
+
+ try {
+ $login_token = Login_token::makeNew($this->user);
+ } catch (Exception $e) {
+ $channel->error($this->user, $e->getMessage());
}
+
$channel->output($this->user,
sprintf(_('This link is useable only once, and is good for only 2 minutes: %s'),
- common_local_url('login',
- array('user_id'=>$login_token->user_id, 'token'=>$login_token->token))));
+ common_local_url('otp',
+ array('user_id' => $login_token->user_id, 'token' => $login_token->token))));
}
}
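Review bot: The catch block around `Login_token::makeNew($this->user)` does not return, so when token creation throws, execution falls through to `$channel->output(...)` with `$login_token` unset and the user is sent a link built from empty user_id and token values. The removed code returned after reporting the failure; add `return;` after `$channel->error($this->user, $e->getMessage());`. Passing `$e->getMessage()` straight to the channel may also show internal error text to the user, depending on what makeNew throws (its body is not in this diff); a fixed message like the removed `_('Could not create login token for %s')`, with the detail written to the log, would be safer. The enclosing method starts outside the hunk.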
diff --git a/lib/router.php b/lib/router.php
index 287d3c79f..4128741a8 100644
--- a/lib/router.php
+++ b/lib/router.php
@@ -88,7 +88,10 @@ class Router
$m->connect('doc/:title', array('action' => 'doc'));
- $m->connect('main/login?user_id=:user_id&token=:token', array('action'=>'login'), array('user_id'=> '[0-9]+', 'token'=>'.+'));
+ $m->connect('main/otp/:user_id/:token',
+ array('action' => 'otp'),
+ array('user_id' => '[0-9]+',
+ 'token' => '.+'));
// main stuff is repetitive
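Review bot: The `'token' => '.+'` requirement on the new `main/otp/:user_id/:token` route is looser than a path segment needs. If tokens are still generated the way the removed `common_good_rand(16)` call in lib/command.php did, a pattern limited to that alphabet and length would reject malformed values at the router; the alphabet is not visible in this diff, so confirm it against Login_token::makeNew. Because the token is carried in the URL, it will be written to web server access logs and may leak through Referer headers, so the otp action, which is not part of this diff, should delete the token on first use and enforce the 2-minute lifetime. A comment above the route would record that, for example `// one-time login token in path: otp action must consume it on first use and check expiry`.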