From 6d66a28b3591b579f0230620339882e9ba8078ab Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Sat, 9 Jan 2010 16:23:41 -0800 Subject: Use OTP to set cookies from registration action --- actions/register.php | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) (limited to 'actions/register.php') diff --git a/actions/register.php b/actions/register.php index 57f8e7bdf..108d05f5a 100644 --- a/actions/register.php +++ b/actions/register.php @@ -259,6 +259,16 @@ class RegisterAction extends Action // Re-init language env in case it changed (not yet, but soon) common_init_language(); + + if (common_config('ssl', 'sometimes') && // mixed environment + common_config('site', 'server') != common_config('site', 'sslserver')) { + $url = common_local_url('all', + array('nickname' => + $user->nickname)); + $this->redirectFromSSL($user, $url, $this->boolean('rememberme')); + return; + } + $this->showSuccess(); } else { $this->showForm(_('Invalid username or password.')); @@ -578,5 +588,32 @@ class RegisterAction extends Action $nav = new LoginGroupNav($this); $nav->show(); } + + function redirectFromSSL($user, $returnto, $rememberme) + { + try { + $login_token = Login_token::makeNew($user); + } catch (Exception $e) { + $this->serverError($e->getMessage()); + return; + } + + $params = array(); + + if (!empty($returnto)) { + $params['returnto'] = $returnto; + } + + if (!empty($rememberme)) { + $params['rememberme'] = $rememberme; + } + + $target = common_local_url('otp', + array('user_id' => $login_token->user_id, + 'token' => $login_token->token), + $params); + + common_redirect($target, 303); + } } -- cgit v1.2.3-54-g00ecf From 06ed0bc7913e6af0a4aaab93459148c690be70f1 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Sun, 10 Jan 2010 00:19:46 -0800 Subject: correctly check for ssl enabled --- actions/register.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'actions/register.php') diff --git a/actions/register.php b/actions/register.php index 108d05f5a..ec6534eee 100644 --- a/actions/register.php +++ b/actions/register.php @@ -260,8 +260,9 @@ class RegisterAction extends Action // Re-init language env in case it changed (not yet, but soon) common_init_language(); - if (common_config('ssl', 'sometimes') && // mixed environment - common_config('site', 'server') != common_config('site', 'sslserver')) { + if (common_config('site', 'ssl') == 'sometimes' && // mixed environment + 0 != strcasecmp(common_config('site', 'server'), common_config('site', 'sslserver'))) { + $url = common_local_url('all', array('nickname' => $user->nickname)); -- cgit v1.2.3-54-g00ecf From 54d532e12f5dac8924d30d21c15f331ce5d16550 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Sun, 10 Jan 2010 22:58:33 -0800 Subject: remove redirect to OTP on login from login, register --- actions/login.php | 33 --------------------------------- actions/register.php | 37 ------------------------------------- 2 files changed, 70 deletions(-) (limited to 'actions/register.php') diff --git a/actions/login.php b/actions/login.php index 8694de188..9c47d88b1 100644 --- a/actions/login.php +++ b/actions/login.php @@ -132,12 +132,6 @@ class LoginAction extends Action $url = common_get_returnto(); - if (common_config('site', 'ssl') == 'sometimes' && // mixed environment - 0 != strcasecmp(common_config('site', 'server'), common_config('site', 'sslserver'))) { - $this->redirectFromSSL($user, $url, $this->boolean('rememberme')); - return; - } - if ($url) { // We don't have to return to it again common_set_returnto(null); @@ -282,31 +276,4 @@ class LoginAction extends Action $nav = new LoginGroupNav($this); $nav->show(); } - - function redirectFromSSL($user, $returnto, $rememberme) - { - try { - $login_token = Login_token::makeNew($user); - } catch (Exception $e) { - $this->serverError($e->getMessage()); - return; - } - - $params = array(); - - if (!empty($returnto)) { - $params['returnto'] = $returnto; - } - - if (!empty($rememberme)) { - $params['rememberme'] = $rememberme; - } - - $target = common_local_url('otp', - array('user_id' => $login_token->user_id, - 'token' => $login_token->token), - $params); - - common_redirect($target, 303); - } } diff --git a/actions/register.php b/actions/register.php index ec6534eee..6339ea117 100644 --- a/actions/register.php +++ b/actions/register.php @@ -260,16 +260,6 @@ class RegisterAction extends Action // Re-init language env in case it changed (not yet, but soon) common_init_language(); - if (common_config('site', 'ssl') == 'sometimes' && // mixed environment - 0 != strcasecmp(common_config('site', 'server'), common_config('site', 'sslserver'))) { - - $url = common_local_url('all', - array('nickname' => - $user->nickname)); - $this->redirectFromSSL($user, $url, $this->boolean('rememberme')); - return; - } - $this->showSuccess(); } else { $this->showForm(_('Invalid username or password.')); @@ -589,32 +579,5 @@ class RegisterAction extends Action $nav = new LoginGroupNav($this); $nav->show(); } - - function redirectFromSSL($user, $returnto, $rememberme) - { - try { - $login_token = Login_token::makeNew($user); - } catch (Exception $e) { - $this->serverError($e->getMessage()); - return; - } - - $params = array(); - - if (!empty($returnto)) { - $params['returnto'] = $returnto; - } - - if (!empty($rememberme)) { - $params['rememberme'] = $rememberme; - } - - $target = common_local_url('otp', - array('user_id' => $login_token->user_id, - 'token' => $login_token->token), - $params); - - common_redirect($target, 303); - } } -- cgit v1.2.3-54-g00ecf