mirror/FreshRSS
0
0
Fork 0
mirror of https://github.com/FreshRSS/FreshRSS.git synced 2026-04-03 22:25:04 -04:00
Code Issues Packages Projects Releases Wiki Activity

Implémentation de l'indentification par mot de passe

Browse Source 
Implémentation de
https://github.com/marienfressinaud/FreshRSS/issues/104
This commit is contained in:
Alexandre Alapetite
2014-01-12 03:10:31 +01:00
parent 43f1b227b4
commit d58886a937
15 changed files with 266 additions and 60 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
app/Controllers/javascriptController.php
View File

@@ -17,7 +17,7 @@ class FreshRSS_javascript_Controller extends Minz_ActionController {
$this->view->categories = $catDAO->listCategories(true, false);
}
// For Web-form login
//For Web-form login
public function nonceAction() {
header('Content-Type: application/json; charset=UTF-8');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s \G\M\T'));
@@ -29,15 +29,15 @@ class FreshRSS_javascript_Controller extends Minz_ActionController {
if (ctype_alnum($user)) {
try {
$conf = new FreshRSS_Configuration($user);
$hash = $conf->passwordHash; //CRYPT_BLOWFISH - Blowfish hashing with a salt as follows: "$2a$", "$2x$" or "$2y$", a two digit cost parameter, "$", and 22 characters from the alphabet "./0-9A-Za-z".
if (strlen($hash) >= 60) {
$this->view->salt1 = substr($hash, 0, 29);
$s = $conf->passwordHash;
if (strlen($s) >= 60) {
$this->view->salt1 = substr($s, 0, 29); //CRYPT_BLOWFISH Salt: "$2a$", a two digit cost parameter, "$", and 22 characters from the alphabet "./0-9A-Za-z".
$this->view->nonce = sha1(Minz_Configuration::salt() . uniqid(mt_rand(), true));
Minz_Session::_param ('nonce', $this->view->nonce);
Minz_Session::_param('nonce', $this->view->nonce);
return; //Success
}
} catch (Minz_Exception $me) {
Minz_Log::record ('Login failure: ' . $me->getMessage(), Minz_Log::WARNING);
Minz_Log::record('Login failure: ' . $me->getMessage(), Minz_Log::WARNING);
}
}
$this->view->nonce = ''; //Failure