From 75cac0fd6b94f77ec8ff32ebc89ec513ee102831 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Sat, 5 Dec 2009 21:03:27 -0500 Subject: Added 'login' command that gives you a link that can be used to login to the website --- lib/command.php | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) (limited to 'lib/command.php') diff --git a/lib/command.php b/lib/command.php index bcc551c81..7e98156b6 100644 --- a/lib/command.php +++ b/lib/command.php @@ -579,6 +579,32 @@ class OnCommand extends Command } } +class LoginCommand extends Command +{ + function execute($channel) + { + $login_token = Login_token::staticGet('user_id',$this->user->id); + if($login_token){ + $login_token->delete(); + } + $login_token = new Login_token(); + $login_token->user_id = $this->user->id; + $login_token->token = common_good_rand(16); + $login_token->created = common_sql_now(); + $result = $login_token->insert(); + if (!$result) { + common_log_db_error($login_token, 'INSERT', __FILE__); + $channel->error($this->user, sprintf(_('Could not create login token for %s'), + $this->user->nickname)); + return; + } + $channel->output($this->user, + sprintf(_('This link is useable only once, and is good for only 2 minutes: %s'), + common_local_url('login', + array('user_id'=>$login_token->user_id, 'token'=>$login_token->token)))); + } +} + class SubscriptionsCommand extends Command { function execute($channel) @@ -666,6 +692,7 @@ class HelpCommand extends Command "reply # - reply to notice with a given id\n". "reply - reply to the last notice from user\n". "join - join group\n". + "login - Get a link to login to the web interface\n". "drop - leave group\n". "stats - get your stats\n". "stop - same as 'off'\n". -- cgit v1.2.3-54-g00ecf From 3b14b61fa745d4906796ac49e78ae712f61e9643 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Sat, 5 Dec 2009 21:04:20 -0500 Subject: Add a configuration option to disable the login command. $config['logincommand']['disabled'] = true; This commit should be reverted once the command has been sufficiently tested and trusted. --- actions/login.php | 5 ++++- lib/command.php | 5 +++++ 2 files changed, 9 insertions(+), 1 deletion(-) (limited to 'lib/command.php') diff --git a/actions/login.php b/actions/login.php index cee29fd09..a6f86c0ca 100644 --- a/actions/login.php +++ b/actions/login.php @@ -75,11 +75,14 @@ class LoginAction extends Action function handle($args) { parent::handle($args); + + $disabled = common_config('logincommand','disabled'); + if (common_is_real_login()) { $this->clientError(_('Already logged in.')); } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { $this->checkLogin(); - } else if (isset($args['user_id']) && isset($args['token'])){ + } else if (!isset($disabled) && isset($args['user_id']) && isset($args['token'])){ $this->checkLogin($args['user_id'],$args['token']); } else { common_ensure_session(); diff --git a/lib/command.php b/lib/command.php index 7e98156b6..e2a665511 100644 --- a/lib/command.php +++ b/lib/command.php @@ -583,6 +583,11 @@ class LoginCommand extends Command { function execute($channel) { + $disabled = common_config('logincommand','disabled'); + if(isset($disabled)) { + $channel->error($this->user, _('Login command is disabled')); + return; + } $login_token = Login_token::staticGet('user_id',$this->user->id); if($login_token){ $login_token->delete(); -- cgit v1.2.3-54-g00ecf