Bugfix for crypt system

This commit is contained in:
djmaze 2021-11-10 15:10:28 +01:00
parent b102fc0e4c
commit c13724fbbb
4 changed files with 5 additions and 10 deletions

View file

@ -259,6 +259,7 @@ trait Contacts
return $aData;
}
// Try the old
$aData = \RainLoop\Utils::DecodeKeyValues($sData);
if ($aData) {
return array(

View file

@ -178,10 +178,7 @@ trait UserAuth
}
}
$aData = \SnappyMail\Crypt::DecryptFromJSON(
\MailSo\Base\Utils::UrlSafeBase64Decode($this->sSpecAuthToken),
APP_SALT . Utils::GetShortToken()
);
$aData = \SnappyMail\Crypt::DecryptFromJSON(\MailSo\Base\Utils::UrlSafeBase64Decode($this->sSpecAuthToken));
if (!empty($aData)) {
$this->oSpecAuthAccount = Account::NewInstanceFromTokenArray(
$this,
@ -200,10 +197,7 @@ trait UserAuth
public function SetAuthToken(Account $oAccount): void
{
$sSpecAuthToken = \MailSo\Base\Utils::UrlSafeBase64Encode(\SnappyMail\Crypt::EncryptToJSON(
$oAccount,
APP_SALT . Utils::GetShortToken()
));
$sSpecAuthToken = \MailSo\Base\Utils::UrlSafeBase64Encode(\SnappyMail\Crypt::EncryptToJSON($oAccount));
$this->sSpecAuthToken = $sSpecAuthToken;
$this->oSpecAuthAccount = null;

View file

@ -23,7 +23,7 @@ class Utils
/**
* Session cookie
* Used by: EncodeKeyValuesQ, DecodeKeyValuesQ
* Used by: EncodeKeyValuesQ, DecodeKeyValuesQ and getAccountFromToken/SetAuthToken
*/
SHORT_TOKEN = 'smsession';

View file

@ -88,7 +88,7 @@ abstract class Crypt
public static function DecryptFromJSON(string $data, string $key = null) /* : mixed */
{
$aData = \json_decode($data, true);
$aData = \is_array($aData) ? static::Decrypt(\array_map('base64_decode', $aData), $key) : null;
return \is_array($aData) ? static::Decrypt(\array_map('base64_decode', $aData), $key) : null;
}
public static function Encrypt($data, string $key = null) : array