Use OTP to set cookies from registration action

1 files changed, 37 insertions, 0 deletions

diff --git a/actions/register.php b/actions/register.php
index 57f8e7bdf..108d05f5a 100644
--- a/actions/register.php
+++ b/actions/register.php
@@ -259,6 +259,16 @@ class RegisterAction extends Action
 
                 // Re-init language env in case it changed (not yet, but soon)
                 common_init_language();
+
+                if (common_config('ssl', 'sometimes') && // mixed environment
+                    common_config('site', 'server') != common_config('site', 'sslserver')) {
+                    $url = common_local_url('all',
+                                            array('nickname' =>
+                                                  $user->nickname));
+                    $this->redirectFromSSL($user, $url, $this->boolean('rememberme'));
+                    return;
+                }
+
                 $this->showSuccess();
             } else {
                 $this->showForm(_('Invalid username or password.'));
@@ -578,5 +588,32 @@ class RegisterAction extends Action
         $nav = new LoginGroupNav($this);
         $nav->show();
     }
+
+    function redirectFromSSL($user, $returnto, $rememberme)
+    {
+        try {
+            $login_token = Login_token::makeNew($user);
+        } catch (Exception $e) {
+            $this->serverError($e->getMessage());
+            return;
+        }
+
+        $params = array();
+
+        if (!empty($returnto)) {
+            $params['returnto'] = $returnto;
+        }
+
+        if (!empty($rememberme)) {
+            $params['rememberme'] = $rememberme;
+        }
+
+        $target = common_local_url('otp',
+                                   array('user_id' => $login_token->user_id,
+                                         'token' => $login_token->token),
+                                   $params);
+
+        common_redirect($target, 303);
+    }
 }