Redirect to a one-time-password when ssl and regular server are different

1 files changed, 27 insertions, 0 deletions

diff --git a/classes/Login_token.php b/classes/Login_token.php
index 746cd7f22..51dc61262 100644
--- a/classes/Login_token.php
+++ b/classes/Login_token.php
@@ -40,6 +40,8 @@ class Login_token extends Memcached_DataObject
     /* the code above is auto generated do not remove the tag below */
     ###END_AUTOCODE
 
+    const TIMEOUT = 120; // seconds after which to timeout the token
+
     /*
     DB_DataObject calculates the sequence key(s) by taking the first key returned by the keys() function.
     In this case, the keys() function returns user_id as the first key. user_id is not a sequence, but
@@ -52,4 +54,29 @@ class Login_token extends Memcached_DataObject
     {
         return array(false,false);
     }
+
+    function makeNew($user)
+    {
+        $login_token = Login_token::staticGet('user_id', $user->id);
+
+        if (!empty($login_token)) {
+            $login_token->delete();
+        }
+
+        $login_token = new Login_token();
+
+        $login_token->user_id = $user->id;
+        $login_token->token   = common_good_rand(16);
+        $login_token->created = common_sql_now();
+
+        $result = $login_token->insert();
+
+        if (!$result) {
+            common_log_db_error($login_token, 'INSERT', __FILE__);
+            throw new Exception(sprintf(_('Could not create login token for %s'),
+                                                 $user->nickname));
+        }
+
+        return $login_token;
+    }
 }