Move login code from index.php to OC class

12 years ago · 3387454094
parent 9156fb73fd
commit 3387454094
2 changed files with 70 additions and 42 deletions
--- a/index.php
+++ b/index.php
@ -31,52 +31,16 @@ if (!OC::handleRequest()) {
 	OC_App::loadApps(array('prelogin'));
 	$error = false;
 	// remember was checked after last login
-	if(isset($_COOKIE["oc_remember_login"]) && isset($_COOKIE["oc_token"]) && isset($_COOKIE["oc_username"]) && $_COOKIE["oc_remember_login"]) {
-		OC_App::loadApps(array('authentication'));
-		if(defined("DEBUG") && DEBUG) {
-			OC_Log::write('core','Trying to login from cookie',OC_Log::DEBUG);
-		}
-		// confirm credentials in cookie
-		if(isset($_COOKIE['oc_token']) && OC_User::userExists($_COOKIE['oc_username']) &&
-		OC_Preferences::getValue($_COOKIE['oc_username'], "login", "token") == $_COOKIE['oc_token']) {
-			OC_User::setUserId($_COOKIE['oc_username']);
-			OC_Util::redirectToDefaultPage();
-		}
-		else {
-			OC_User::unsetMagicInCookie();
-		}
+	if (OC::tryRememberLogin()) {
+		// nothing more to do

 	// Someone wants to log in :
-	} elseif(isset($_POST["user"]) and isset($_POST['password']) and isset($_SESSION['sectoken']) and isset($_POST['sectoken']) and ($_SESSION['sectoken']==$_POST['sectoken']) ) {
-		OC_App::loadApps();
-		if(OC_User::login($_POST["user"], $_POST["password"])) {
-			if(!empty($_POST["remember_login"])){
-				if(defined("DEBUG") && DEBUG) {
-					OC_Log::write('core','Setting remember login to cookie',OC_Log::DEBUG);
-				}
-				$token = md5($_POST["user"].time().$_POST['password']);
-				OC_Preferences::setValue($_POST['user'], 'login', 'token', $token);
-				OC_User::setMagicInCookie($_POST["user"], $token);
-			}
-			else {
-				OC_User::unsetMagicInCookie();
-			}
-			OC_Util::redirectToDefaultPage();
-		} else {
-			$error = true;
-		}
+	} elseif (OC::tryFormLogin()) {
+		$error = true;
 	
 	// The user is already authenticated using Apaches AuthType Basic... very usable in combination with LDAP
-	} elseif(isset($_SERVER["PHP_AUTH_USER"]) && isset($_SERVER["PHP_AUTH_PW"])){
-		OC_App::loadApps(array('authentication'));
-		if (OC_User::login($_SERVER["PHP_AUTH_USER"],$_SERVER["PHP_AUTH_PW"]))	{
-			//OC_Log::write('core',"Logged in with HTTP Authentication",OC_Log::DEBUG);
-			OC_User::unsetMagicInCookie();
-			$_REQUEST['redirect_url'] = (isset($_SERVER['REQUEST_URI'])?$_SERVER['REQUEST_URI']:'');
-			OC_Util::redirectToDefaultPage();
-		}else{
-			$error = true;
-		}
+	} elseif(OC::tryBasicAuthLogin()) {
+		$error = true;
 	}
 	if(!array_key_exists('sectoken', $_SESSION) || (array_key_exists('sectoken', $_SESSION) && is_null(OC::$REQUESTEDFILE)) || substr(OC::$REQUESTEDFILE, -3) == 'php'){
 		$sectoken=rand(1000000,9999999);
--- a/lib/base.php
+++ b/lib/base.php
@ -446,6 +446,70 @@ class OC{
 		return false;
 	}

+	public static function tryRememberLogin() {
+		if(!isset($_COOKIE["oc_remember_login"])
+		|| !isset($_COOKIE["oc_token"])
+		|| !isset($_COOKIE["oc_username"])
+		|| !$_COOKIE["oc_remember_login"]) {
+			return false;
+		}
+		OC_App::loadApps(array('authentication'));
+		if(defined("DEBUG") && DEBUG) {
+			OC_Log::write('core','Trying to login from cookie',OC_Log::DEBUG);
+		}
+		// confirm credentials in cookie
+		if(isset($_COOKIE['oc_token']) && OC_User::userExists($_COOKIE['oc_username']) &&
+		OC_Preferences::getValue($_COOKIE['oc_username'], "login", "token") == $_COOKIE['oc_token']) {
+			OC_User::setUserId($_COOKIE['oc_username']);
+			OC_Util::redirectToDefaultPage();
+		}
+		else {
+			OC_User::unsetMagicInCookie();
+		}
+		return true;
+	}
+
+	public static function tryFormLogin() {
+		if(!isset($_POST["user"])
+		|| !isset($_POST['password'])
+		|| !isset($_SESSION['sectoken'])
+		|| !isset($_POST['sectoken'])
+		|| ($_SESSION['sectoken']!=$_POST['sectoken']) ) {
+			return false;
+		}
+		OC_App::loadApps();
+		if(OC_User::login($_POST["user"], $_POST["password"])) {
+			if(!empty($_POST["remember_login"])){
+				if(defined("DEBUG") && DEBUG) {
+					OC_Log::write('core','Setting remember login to cookie', OC_Log::DEBUG);
+				}
+				$token = md5($_POST["user"].time().$_POST['password']);
+				OC_Preferences::setValue($_POST['user'], 'login', 'token', $token);
+				OC_User::setMagicInCookie($_POST["user"], $token);
+			}
+			else {
+				OC_User::unsetMagicInCookie();
+			}
+			OC_Util::redirectToDefaultPage();
+		}
+		return true;
+	}
+
+	public static function tryBasicAuthLogin() {
+		if (!isset($_SERVER["PHP_AUTH_USER"])
+		 || !isset($_SERVER["PHP_AUTH_PW"])){
+		 	return false;
+		}
+		OC_App::loadApps(array('authentication'));
+		if (OC_User::login($_SERVER["PHP_AUTH_USER"],$_SERVER["PHP_AUTH_PW"]))	{
+			//OC_Log::write('core',"Logged in with HTTP Authentication",OC_Log::DEBUG);
+			OC_User::unsetMagicInCookie();
+			$_REQUEST['redirect_url'] = (isset($_SERVER['REQUEST_URI'])?$_SERVER['REQUEST_URI']:'');
+			OC_Util::redirectToDefaultPage();
+		}
+		return true;
+	}
+
 }

 // define runtime variables - unless this already has been done