This commit is contained in:
the-djmaze 2022-12-06 15:56:28 +01:00
parent 544ec16830
commit 4709e6fc25
2 changed files with 27 additions and 24 deletions

View file

@ -10,7 +10,8 @@ const getURL = (add = '') => serverRequest('Json') + pString(add),
checkResponseError = data => { checkResponseError = data => {
const err = data ? data.ErrorCode : null; const err = data ? data.ErrorCode : null;
if (Notification.InvalidToken === err) { if (Notification.InvalidToken === err) {
alert(getNotification(err)); console.error(getNotification(err));
// alert(getNotification(err));
rl.logoutReload(); rl.logoutReload();
} else if ([ } else if ([
Notification.AuthError, Notification.AuthError,

View file

@ -246,31 +246,33 @@ trait UserAuth
* Server side control/kickout of logged in sessions * Server side control/kickout of logged in sessions
* https://github.com/the-djmaze/snappymail/issues/151 * https://github.com/the-djmaze/snappymail/issues/151
*/ */
if (empty($_COOKIE[Utils::SESSION_TOKEN])) { $sToken = Utils::GetSessionToken(false);
if (!$sToken) {
// \MailSo\Base\Http::StatusHeader(401); // \MailSo\Base\Http::StatusHeader(401);
$this->Logout(true); if (isset($_COOKIE[Utils::SESSION_TOKEN])) {
// $sAdditionalMessage = $this->StaticI18N('SESSION_UNDEFINED'); \SnappyMail\Log::notice('TOKENS', 'SESSION_TOKEN invalid');
\SnappyMail\Log::notice('TOKENS', 'SESSION_TOKEN empty'); } else {
throw new ClientException(Notifications::InvalidToken, null, 'Session undefined'); \SnappyMail\Log::notice('TOKENS', 'SESSION_TOKEN not set');
} }
} else {
$oMainAuthAccount = MainAccount::NewInstanceFromTokenArray( $oMainAuthAccount = MainAccount::NewInstanceFromTokenArray(
$this, $this,
$aData, $aData,
$bThrowExceptionOnFalse $bThrowExceptionOnFalse
); );
$oMainAuthAccount || \SnappyMail\Log::notice('TOKENS', 'AUTH_SPEC_TOKEN_KEY invalid'); if ($oMainAuthAccount) {
$sToken = $oMainAuthAccount ? Utils::GetSessionToken(false) : null; $sTokenValue = $this->StorageProvider()->Get($oMainAuthAccount, StorageType::SESSION, $sToken);
$sTokenValue = $sToken ? $this->StorageProvider()->Get($oMainAuthAccount, StorageType::SESSION, $sToken) : null; if ($sTokenValue) {
if ($oMainAuthAccount && $sTokenValue) {
$this->oMainAuthAccount = $oMainAuthAccount; $this->oMainAuthAccount = $oMainAuthAccount;
} else { } else {
if ($oMainAuthAccount) { $this->StorageProvider()->Clear($oMainAuthAccount, StorageType::SESSION, $sToken);
$sToken || \SnappyMail\Log::notice('TOKENS', 'SESSION_TOKEN not found'); \SnappyMail\Log::notice('TOKENS', 'SESSION_TOKEN value invalid: ' . \gettype($sTokenValue));
if ($sToken) { }
$oMainAuthAccount && $this->StorageProvider()->Clear($oMainAuthAccount, StorageType::SESSION, $sToken); } else {
$sTokenValue || \SnappyMail\Log::notice('TOKENS', 'SESSION_TOKEN value invalid: ' . \gettype($sTokenValue)); \SnappyMail\Log::notice('TOKENS', 'AUTH_SPEC_TOKEN_KEY invalid');
} }
} }
if (!$this->oMainAuthAccount) {
Utils::ClearCookie(Utils::SESSION_TOKEN); Utils::ClearCookie(Utils::SESSION_TOKEN);
// \MailSo\Base\Http::StatusHeader(401); // \MailSo\Base\Http::StatusHeader(401);
$this->Logout(true); $this->Logout(true);