X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=classes%2Fxorgsession.php;h=798d8387ee600182d218b0c87f7490b75f101f88;hb=07e4a9a091ac34c84129c230cde455de34e1ae91;hp=84128af3beb42844fb1f04bba2c99da342a7ec16;hpb=6cce7840e69bc0b6647e1bc5ea3437a925cd63a0;p=platal.git diff --git a/classes/xorgsession.php b/classes/xorgsession.php index 84128af..798d838 100644 --- a/classes/xorgsession.php +++ b/classes/xorgsession.php @@ -1,6 +1,6 @@ checkPassword($login, $user, Post::v('response')); - - if (!is_null($user) && S::suid()) { - $success = (S::suid('uid') == $user->id()); + if (is_null($user)) { + Platal::page()->trigError(self::TEXT_INVALID_LOGIN); + $success = false; } else { - $success = $this->checkPassword($login, $user, Post::v('response')); + if (S::suid()) { + $success = (S::suid('uid') == $user->id()); + } else { + $success = $this->checkPassword($login, $user, Post::v('response')); + } } if ($success) { - S::set('auth', AUTH_MDP); + S::set('auth', AUTH_PASSWD); S::kill('challenge'); S::logger($user->id())->log('auth_ok'); } @@ -163,7 +166,7 @@ class XorgSession extends PlSession return true; } if ($level == AUTH_SUID) { - S::set('auth', AUTH_MDP); + S::set('auth', AUTH_PASSWD); } // Loads uid and hruid into the session for developement conveniance. @@ -180,6 +183,13 @@ class XorgSession extends PlSession $this->setAccessCookie(false, S::i('auth_by_cookie') != $user->id()); } else { $this->killAccessCookie(); + + // If login for an external website and not activating cookie, + // mark that we want to disconnect once external auth checks + // have been performed. + if (Post::b('external_auth')) { + S::set('external_auth_exit', true); + } } } @@ -303,7 +313,7 @@ class XorgSession extends PlSession public function sureLevel() { - return AUTH_MDP; + return AUTH_PASSWD; }