mirror of
https://github.com/the-djmaze/snappymail.git
synced 2026-07-10 15:08:28 +03:00
Better handling of admin token cookie
This commit is contained in:
parent
0e347625e3
commit
5cd5f77c6f
2 changed files with 13 additions and 15 deletions
|
|
@ -123,8 +123,7 @@ class ActionsAdmin extends Actions
|
|||
throw new ClientException(Notifications::AuthError);
|
||||
}
|
||||
|
||||
$sToken = $this->getAdminToken();
|
||||
$this->setAdminAuthToken($sToken);
|
||||
$sToken = $this->setAdminAuthToken($sToken);
|
||||
|
||||
return $this->DefaultResponse(__FUNCTION__, $sToken ? $this->AppData(true) : false);
|
||||
}
|
||||
|
|
@ -668,22 +667,18 @@ class ActionsAdmin extends Actions
|
|||
return $this->DefaultResponse(__FUNCTION__, $QR->__toString());
|
||||
}
|
||||
|
||||
private function setAdminAuthToken(string $sToken) : void
|
||||
{
|
||||
Utils::SetCookie(static::$AUTH_ADMIN_TOKEN_KEY, $sToken);
|
||||
}
|
||||
|
||||
private function getAdminToken() : string
|
||||
private function setAdminAuthToken(string $sToken) : string
|
||||
{
|
||||
$sRand = \MailSo\Base\Utils::Sha1Rand();
|
||||
if (!$this->Cacher(null, true)->Set(KeyPathHelper::SessionAdminKey($sRand), \time()))
|
||||
{
|
||||
$this->oLogger->Write('Cannot store an admin token',
|
||||
\LOG_WARNING);
|
||||
return '';
|
||||
if (!$this->Cacher(null, true)->Set(KeyPathHelper::SessionAdminKey($sRand), \time())) {
|
||||
throw new \RuntimeException('Failed to store admin token');
|
||||
}
|
||||
|
||||
return Utils::EncodeKeyValuesQ(array('token', $sRand));
|
||||
$sToken = Utils::EncodeKeyValuesQ(array('token', $sRand));
|
||||
if (!$sToken) {
|
||||
throw new \RuntimeException('Failed to encode admin token');
|
||||
}
|
||||
Utils::SetCookie(static::$AUTH_ADMIN_TOKEN_KEY, $sToken);
|
||||
return $sToken;
|
||||
}
|
||||
|
||||
private function pluginEnable(string $sName, bool $bEnable = true) : bool
|
||||
|
|
|
|||
|
|
@ -166,6 +166,9 @@ class Utils
|
|||
throw new \Exception("Cookie '{$sName}' value too long");
|
||||
}
|
||||
*/
|
||||
// Clear 4K split cookie first
|
||||
static::ClearCookie($sName);
|
||||
// Now set the new 4K split cookie
|
||||
foreach (\str_split($sValue, $iMaxSize) as $i => $sPart) {
|
||||
static::_SetCookie($i ? "{$sName}~{$i}" : $sName, $sPart, $iExpire);
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue