This commit is contained in:
the-djmaze 2022-02-11 15:51:35 +01:00
parent 2fea7b92e1
commit af08a9a301
2 changed files with 38 additions and 18 deletions

View file

@ -221,7 +221,7 @@ trait UserAuth
*/ */
public function getMainAccountFromToken(bool $bThrowExceptionOnFalse = true): ?MainAccount public function getMainAccountFromToken(bool $bThrowExceptionOnFalse = true): ?MainAccount
{ {
if (false === $this->oMainAuthAccount) { if (false === $this->oMainAuthAccount) try {
$this->oMainAuthAccount = null; $this->oMainAuthAccount = null;
if (isset($_COOKIE[self::AUTH_SPEC_LOGOUT_TOKEN_KEY])) { if (isset($_COOKIE[self::AUTH_SPEC_LOGOUT_TOKEN_KEY])) {
Utils::ClearCookie(self::AUTH_SPEC_LOGOUT_TOKEN_KEY); Utils::ClearCookie(self::AUTH_SPEC_LOGOUT_TOKEN_KEY);
@ -241,6 +241,7 @@ trait UserAuth
// \MailSo\Base\Http::StatusHeader(401); // \MailSo\Base\Http::StatusHeader(401);
$this->Logout(true); $this->Logout(true);
// $sAdditionalMessage = $this->StaticI18N('SESSION_UNDEFINED'); // $sAdditionalMessage = $this->StaticI18N('SESSION_UNDEFINED');
\SnappyMail\Log::notice('TOKENS', 'SESSION_TOKEN empty');
throw new ClientException(Notifications::InvalidToken, null, 'Session undefined'); throw new ClientException(Notifications::InvalidToken, null, 'Session undefined');
} }
$oMainAuthAccount = MainAccount::NewInstanceFromTokenArray( $oMainAuthAccount = MainAccount::NewInstanceFromTokenArray(
@ -270,13 +271,23 @@ trait UserAuth
} else { } else {
$oAccount = $this->GetAccountFromSignMeToken(); $oAccount = $this->GetAccountFromSignMeToken();
if ($oAccount) { if ($oAccount) {
$this->StorageProvider()->Put(
$oAccount,
StorageType::SESSION,
Utils::GetSessionToken(),
'true'
);
$this->SetAuthToken($oAccount); $this->SetAuthToken($oAccount);
} }
} }
if ($bThrowExceptionOnFalse && !$this->oMainAuthAccount) { if (!$this->oMainAuthAccount) {
throw new ClientException(Notifications::InvalidToken, null, 'Account undefined'); throw new ClientException(Notifications::InvalidToken, null, 'Account undefined');
} }
} catch (\Throwable $e) {
if ($bThrowExceptionOnFalse) {
throw $e;
}
} }
return $this->oMainAuthAccount; return $this->oMainAuthAccount;
@ -307,6 +318,7 @@ trait UserAuth
if (isset($aResult['e'], $aResult['u']) && \SnappyMail\UUID::isValid($aResult['u'])) { if (isset($aResult['e'], $aResult['u']) && \SnappyMail\UUID::isValid($aResult['u'])) {
return $aResult; return $aResult;
} }
\SnappyMail\Log::notice(self::AUTH_SIGN_ME_TOKEN_KEY, 'invalid');
} }
return null; return null;
} }
@ -353,20 +365,25 @@ trait UserAuth
\base64_decode(\end($aTokenData)), \base64_decode(\end($aTokenData)),
$sAuthToken $sAuthToken
]); ]);
if (\is_array($aAccountHash)) {
$oAccount = \is_array($aAccountHash) $oAccount = MainAccount::NewInstanceFromTokenArray($this, $aAccountHash);
? MainAccount::NewInstanceFromTokenArray($this, $aAccountHash) : null; if ($oAccount) {
if ($oAccount) { $this->CheckMailConnection($oAccount);
$this->CheckMailConnection($oAccount); // Update lifetime
// Update lifetime $this->SetSignMeToken($oAccount);
$this->SetSignMeToken($oAccount); return $oAccount;
}
return $oAccount; \SnappyMail\Log::notice(self::AUTH_SIGN_ME_TOKEN_KEY, 'has no account');
} else {
\SnappyMail\Log::notice(self::AUTH_SIGN_ME_TOKEN_KEY, 'decrypt failed');
} }
} else {
\SnappyMail\Log::notice(self::AUTH_SIGN_ME_TOKEN_KEY, "server token not found for {$aTokenData['e']}/.sign_me/{$aTokenData['u']}");
} }
} }
catch (\Throwable $oException) catch (\Throwable $oException)
{ {
\SnappyMail\Log::notice(self::AUTH_SIGN_ME_TOKEN_KEY, $oException->getMessage());
} }
} }

View file

@ -96,13 +96,6 @@ class FileStorage implements \RainLoop\Providers\Storage\IStorage
$iStorageType = StorageType::NOBODY; $iStorageType = StorageType::NOBODY;
} else if ($mAccount instanceof \RainLoop\Model\MainAccount) { } else if ($mAccount instanceof \RainLoop\Model\MainAccount) {
$sEmail = $mAccount->Email(); $sEmail = $mAccount->Email();
if (StorageType::SIGN_ME === $iStorageType) {
$sSubFolder = '.sign_me';
} else if (StorageType::SESSION === $iStorageType) {
$sSubFolder = '.sessions';
} else if (StorageType::PGP === $iStorageType) {
$sSubFolder = '.pgp';
}
} else if ($mAccount instanceof \RainLoop\Model\AdditionalAccount) { } else if ($mAccount instanceof \RainLoop\Model\AdditionalAccount) {
$sEmail = $mAccount->ParentEmail(); $sEmail = $mAccount->ParentEmail();
if ($this->bLocal && !$bForDeleteAction) { if ($this->bLocal && !$bForDeleteAction) {
@ -112,6 +105,16 @@ class FileStorage implements \RainLoop\Providers\Storage\IStorage
$sEmail = $mAccount; $sEmail = $mAccount;
} }
if ($sEmail) {
if (StorageType::SIGN_ME === $iStorageType) {
$sSubFolder = '.sign_me';
} else if (StorageType::SESSION === $iStorageType) {
$sSubFolder = '.sessions';
} else if (StorageType::PGP === $iStorageType) {
$sSubFolder = '.pgp';
}
}
$sFilePath = ''; $sFilePath = '';
switch ($iStorageType) switch ($iStorageType)
{ {