mirror of
https://github.com/the-djmaze/snappymail.git
synced 2026-07-13 03:27:39 +03:00
parent
4d0ee8736b
commit
f2aba8b11d
3 changed files with 17 additions and 18 deletions
|
|
@ -323,18 +323,20 @@ trait UserAuth
|
||||||
{
|
{
|
||||||
$sSignMeToken = Utils::GetCookie(self::AUTH_SIGN_ME_TOKEN_KEY);
|
$sSignMeToken = Utils::GetCookie(self::AUTH_SIGN_ME_TOKEN_KEY);
|
||||||
if ($sSignMeToken) {
|
if ($sSignMeToken) {
|
||||||
|
\SnappyMail\Log::notice(self::AUTH_SIGN_ME_TOKEN_KEY, 'decrypt');
|
||||||
$aResult = \SnappyMail\Crypt::DecryptUrlSafe($sSignMeToken);
|
$aResult = \SnappyMail\Crypt::DecryptUrlSafe($sSignMeToken);
|
||||||
if (isset($aResult['e'], $aResult['u']) && \SnappyMail\UUID::isValid($aResult['u'])) {
|
if (isset($aResult['e'], $aResult['u']) && \SnappyMail\UUID::isValid($aResult['u'])) {
|
||||||
return $aResult;
|
return $aResult;
|
||||||
}
|
}
|
||||||
\SnappyMail\Log::notice(self::AUTH_SIGN_ME_TOKEN_KEY, 'invalid');
|
\SnappyMail\Log::notice(self::AUTH_SIGN_ME_TOKEN_KEY, 'invalid');
|
||||||
|
Utils::ClearCookie(self::AUTH_SIGN_ME_TOKEN_KEY);
|
||||||
}
|
}
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
private function SetSignMeToken(MainAccount $oAccount): void
|
private function SetSignMeToken(MainAccount $oAccount): void
|
||||||
{
|
{
|
||||||
// $this->ClearSignMeData();
|
$this->ClearSignMeData();
|
||||||
$uuid = \SnappyMail\UUID::generate();
|
$uuid = \SnappyMail\UUID::generate();
|
||||||
$data = \SnappyMail\Crypt::Encrypt($oAccount);
|
$data = \SnappyMail\Crypt::Encrypt($oAccount);
|
||||||
Utils::SetCookie(
|
Utils::SetCookie(
|
||||||
|
|
|
||||||
|
|
@ -144,6 +144,12 @@ class Utils
|
||||||
*/
|
*/
|
||||||
if (\strlen($sValue)) {
|
if (\strlen($sValue)) {
|
||||||
$_COOKIE[$sName] = $sValue;
|
$_COOKIE[$sName] = $sValue;
|
||||||
|
} else {
|
||||||
|
if (!isset($_COOKIE[$sName])) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
unset($_COOKIE[$sName]);
|
||||||
|
$iExpire = \time() - 3600 * 24 * 30;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Cookie "$sName" has been rejected because it is already expired.
|
// Cookie "$sName" has been rejected because it is already expired.
|
||||||
|
|
@ -203,23 +209,14 @@ class Utils
|
||||||
$aSplit = \explode('~', $sCookieName);
|
$aSplit = \explode('~', $sCookieName);
|
||||||
if (isset($aSplit[1]) && $aSplit[0] == $sName && $aSplit[1] > $i) {
|
if (isset($aSplit[1]) && $aSplit[0] == $sName && $aSplit[1] > $i) {
|
||||||
\SnappyMail\Log::debug('COOKIE', "unset {$sCookieName}");
|
\SnappyMail\Log::debug('COOKIE', "unset {$sCookieName}");
|
||||||
unset($_COOKIE[$sCookieName]);
|
static::_SetCookie($sCookieName, '', 0);
|
||||||
static::_SetCookie($sCookieName, '', \time() - 3600 * 24 * 30);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function ClearCookie(string $sName)
|
public static function ClearCookie(string $sName)
|
||||||
{
|
{
|
||||||
if (isset($_COOKIE[$sName])) {
|
static::_SetCookie($sName, '', 0);
|
||||||
$sPath = static::$CookieDefaultPath;
|
|
||||||
foreach (\array_keys($_COOKIE) as $sCookieName) {
|
|
||||||
if (\strtok($sCookieName, '~') === $sName) {
|
|
||||||
unset($_COOKIE[$sCookieName]);
|
|
||||||
static::_SetCookie($sCookieName, '', \time() - 3600 * 24 * 30);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function UrlEncode(string $sV, bool $bEncode = false) : string
|
public static function UrlEncode(string $sV, bool $bEncode = false) : string
|
||||||
|
|
|
||||||
|
|
@ -119,7 +119,7 @@ abstract class Crypt
|
||||||
return ['xxtea', $salt, static::XxteaEncrypt($data, $salt, $key)];
|
return ['xxtea', $salt, static::XxteaEncrypt($data, $salt, $key)];
|
||||||
/*
|
/*
|
||||||
if (static::{"{$result[0]}Decrypt"}($result[2], $result[1], $key) !== $data) {
|
if (static::{"{$result[0]}Decrypt"}($result[2], $result[1], $key) !== $data) {
|
||||||
throw new \Exception('Encrypt/Decrypt mismatch');
|
throw new \RuntimeException('Encrypt/Decrypt mismatch');
|
||||||
}
|
}
|
||||||
*/
|
*/
|
||||||
}
|
}
|
||||||
|
|
@ -159,7 +159,7 @@ abstract class Crypt
|
||||||
\str_pad('', \SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_KEYBYTES, static::Passphrase($key))
|
\str_pad('', \SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_KEYBYTES, static::Passphrase($key))
|
||||||
);
|
);
|
||||||
if (!$result) {
|
if (!$result) {
|
||||||
throw new \Exception('Sodium encryption failed');
|
throw new \RuntimeException('Sodium encryption failed');
|
||||||
}
|
}
|
||||||
return $result;
|
return $result;
|
||||||
}
|
}
|
||||||
|
|
@ -173,7 +173,7 @@ abstract class Crypt
|
||||||
throw new \Exception('openssl_decrypt not callable');
|
throw new \Exception('openssl_decrypt not callable');
|
||||||
}
|
}
|
||||||
if (!static::$cipher) {
|
if (!static::$cipher) {
|
||||||
throw new \Exception('openssl $cipher not set');
|
throw new \RuntimeException('openssl $cipher not set');
|
||||||
}
|
}
|
||||||
Log::debug('Crypt', 'openssl_decrypt() with cipher ' . static::$cipher);
|
Log::debug('Crypt', 'openssl_decrypt() with cipher ' . static::$cipher);
|
||||||
return \openssl_decrypt(
|
return \openssl_decrypt(
|
||||||
|
|
@ -194,7 +194,7 @@ abstract class Crypt
|
||||||
throw new \Exception('openssl_encrypt not callable');
|
throw new \Exception('openssl_encrypt not callable');
|
||||||
}
|
}
|
||||||
if (!static::$cipher) {
|
if (!static::$cipher) {
|
||||||
throw new \Exception('openssl $cipher not set');
|
throw new \RuntimeException('openssl $cipher not set');
|
||||||
}
|
}
|
||||||
Log::debug('Crypt', 'openssl_encrypt() with cipher ' . static::$cipher);
|
Log::debug('Crypt', 'openssl_encrypt() with cipher ' . static::$cipher);
|
||||||
$result = \openssl_encrypt(
|
$result = \openssl_encrypt(
|
||||||
|
|
@ -205,7 +205,7 @@ abstract class Crypt
|
||||||
$iv
|
$iv
|
||||||
);
|
);
|
||||||
if (!$result) {
|
if (!$result) {
|
||||||
throw new \Exception('OpenSSL encryption with ' . static::$cipher . ' failed');
|
throw new \RuntimeException('OpenSSL encryption with ' . static::$cipher . ' failed');
|
||||||
}
|
}
|
||||||
return $result;
|
return $result;
|
||||||
}
|
}
|
||||||
|
|
@ -231,7 +231,7 @@ abstract class Crypt
|
||||||
? \xxtea_encrypt($data, $key)
|
? \xxtea_encrypt($data, $key)
|
||||||
: \MailSo\Base\Xxtea::encrypt($data, $key);
|
: \MailSo\Base\Xxtea::encrypt($data, $key);
|
||||||
if (!$result) {
|
if (!$result) {
|
||||||
throw new \Exception('Xxtea encryption failed');
|
throw new \RuntimeException('Xxtea encryption failed');
|
||||||
}
|
}
|
||||||
return $result;
|
return $result;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue