Move authDuration into auths attribute in project
parent
f6b7e0392b
commit
66b805829c
|
@ -184,7 +184,7 @@ App::post('/v1/account/sessions/email')
|
|||
throw new Exception(Exception::USER_BLOCKED); // User is in status blocked
|
||||
}
|
||||
|
||||
$duration = $project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG);
|
||||
$duration = $project->getAttribute('auths', [])['authDuration'] ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
|
||||
|
||||
$detector = new Detector($request->getUserAgent('UNKNOWN'));
|
||||
$record = $geodb->get($request->getIP());
|
||||
|
@ -451,7 +451,8 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
|
|||
}
|
||||
|
||||
$sessions = $user->getAttribute('sessions', []);
|
||||
$current = Auth::sessionVerify($sessions, Auth::$secret, $project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG));
|
||||
$authDuration = $project->getAttribute('auths', [])['authDuration'] ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
|
||||
$current = Auth::sessionVerify($sessions, Auth::$secret, $authDuration);
|
||||
|
||||
if ($current) { // Delete current session of new one.
|
||||
$currentDocument = $dbForProject->getDocument('sessions', $current);
|
||||
|
@ -526,7 +527,7 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
|
|||
}
|
||||
|
||||
// Create session token, verify user account and update OAuth2 ID and Access Token
|
||||
$duration = $project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG);
|
||||
$duration = $project->getAttribute('auths', [])['authDuration'] ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
|
||||
$detector = new Detector($request->getUserAgent('UNKNOWN'));
|
||||
$record = $geodb->get($request->getIP());
|
||||
$secret = Auth::tokenGenerator();
|
||||
|
@ -782,7 +783,7 @@ App::put('/v1/account/sessions/magic-url')
|
|||
throw new Exception(Exception::USER_INVALID_TOKEN);
|
||||
}
|
||||
|
||||
$duration = $project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG);
|
||||
$duration = $project->getAttribute('auths', [])['authDuration'] ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
|
||||
$detector = new Detector($request->getUserAgent('UNKNOWN'));
|
||||
$record = $geodb->get($request->getIP());
|
||||
$secret = Auth::tokenGenerator();
|
||||
|
@ -1019,7 +1020,7 @@ App::put('/v1/account/sessions/phone')
|
|||
throw new Exception(Exception::USER_INVALID_TOKEN);
|
||||
}
|
||||
|
||||
$duration = $project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG);
|
||||
$duration = $project->getAttribute('auths', [])['authDuration'] ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
|
||||
$detector = new Detector($request->getUserAgent('UNKNOWN'));
|
||||
$record = $geodb->get($request->getIP());
|
||||
$secret = Auth::tokenGenerator();
|
||||
|
@ -1171,7 +1172,7 @@ App::post('/v1/account/sessions/anonymous')
|
|||
])));
|
||||
|
||||
// Create session token
|
||||
$duration = $project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG);
|
||||
$duration = $project->getAttribute('auths', [])['authDuration'] ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
|
||||
$detector = new Detector($request->getUserAgent('UNKNOWN'));
|
||||
$record = $geodb->get($request->getIP());
|
||||
$secret = Auth::tokenGenerator();
|
||||
|
@ -1335,7 +1336,8 @@ App::get('/v1/account/sessions')
|
|||
->action(function (Response $response, Document $user, Locale $locale, Document $project) {
|
||||
|
||||
$sessions = $user->getAttribute('sessions', []);
|
||||
$current = Auth::sessionVerify($sessions, Auth::$secret, $project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG));
|
||||
$authDuration = $project->getAttribute('auths', [])['authDuration'] ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
|
||||
$current = Auth::sessionVerify($sessions, Auth::$secret, $authDuration);
|
||||
|
||||
foreach ($sessions as $key => $session) {/** @var Document $session */
|
||||
$countryName = $locale->getText('countries.' . strtolower($session->getAttribute('countryCode')), $locale->getText('locale.country.unknown'));
|
||||
|
@ -1434,8 +1436,9 @@ App::get('/v1/account/sessions/:sessionId')
|
|||
->action(function (?string $sessionId, Response $response, Document $user, Locale $locale, Database $dbForProject, Document $project) {
|
||||
|
||||
$sessions = $user->getAttribute('sessions', []);
|
||||
$authDuration = $project->getAttribute('auths', [])['authDuration'] ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
|
||||
$sessionId = ($sessionId === 'current')
|
||||
? Auth::sessionVerify($user->getAttribute('sessions'), Auth::$secret, $project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG))
|
||||
? Auth::sessionVerify($user->getAttribute('sessions'), Auth::$secret, $authDuration)
|
||||
: $sessionId;
|
||||
|
||||
foreach ($sessions as $session) {/** @var Document $session */
|
||||
|
@ -1445,7 +1448,7 @@ App::get('/v1/account/sessions/:sessionId')
|
|||
$session
|
||||
->setAttribute('current', ($session->getAttribute('secret') == Auth::hash(Auth::$secret)))
|
||||
->setAttribute('countryName', $countryName)
|
||||
->setAttribute('expire', DateTime::addSeconds(new \DateTime($session->getCreatedAt()), $project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG)))
|
||||
->setAttribute('expire', DateTime::addSeconds(new \DateTime($session->getCreatedAt()), $authDuration))
|
||||
;
|
||||
|
||||
return $response->dynamic($session, Response::MODEL_SESSION);
|
||||
|
@ -1716,8 +1719,9 @@ App::delete('/v1/account/sessions/:sessionId')
|
|||
->action(function (?string $sessionId, Request $request, Response $response, Document $user, Database $dbForProject, Locale $locale, Event $events, Document $project) {
|
||||
|
||||
$protocol = $request->getProtocol();
|
||||
$authDuration = $project->getAttribute('auths', [])['authDuration'] ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
|
||||
$sessionId = ($sessionId === 'current')
|
||||
? Auth::sessionVerify($user->getAttribute('sessions'), Auth::$secret, $project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG))
|
||||
? Auth::sessionVerify($user->getAttribute('sessions'), Auth::$secret, $authDuration)
|
||||
: $sessionId;
|
||||
|
||||
$sessions = $user->getAttribute('sessions', []);
|
||||
|
@ -1788,9 +1792,9 @@ App::patch('/v1/account/sessions/:sessionId')
|
|||
->inject('locale')
|
||||
->inject('events')
|
||||
->action(function (?string $sessionId, Request $request, Response $response, Document $user, Database $dbForProject, Document $project, Locale $locale, Event $events) {
|
||||
|
||||
$authDuration = $project->getAttribute('auths', [])['authDuration'] ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
|
||||
$sessionId = ($sessionId === 'current')
|
||||
? Auth::sessionVerify($user->getAttribute('sessions'), Auth::$secret, $project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG))
|
||||
? Auth::sessionVerify($user->getAttribute('sessions'), Auth::$secret, $authDuration)
|
||||
: $sessionId;
|
||||
|
||||
$sessions = $user->getAttribute('sessions', []);
|
||||
|
@ -1831,9 +1835,9 @@ App::patch('/v1/account/sessions/:sessionId')
|
|||
|
||||
$dbForProject->deleteCachedDocument('users', $user->getId());
|
||||
|
||||
$session->setAttribute('expire', DateTime::addSeconds(new \DateTime($session->getCreatedAt()), $project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG)));
|
||||
$authDuration = $project->getAttribute('auths', [])['authDuration'] ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
|
||||
|
||||
var_dump(DateTime::addSeconds(new \DateTime($session->getCreatedAt()), $project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG)));
|
||||
$session->setAttribute('expire', DateTime::addSeconds(new \DateTime($session->getCreatedAt()), $authDuration));
|
||||
|
||||
$events
|
||||
->setParam('userId', $user->getId())
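Review bot: Every reader in this file now looks only at `auths['authDuration']`, so a project that still holds its limit in the old top-level `authDuration` attribute silently gets the long default. This starts with the email-session line `$duration = $project->getAttribute('auths', [])['authDuration'] ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;` and repeats in the OAuth2, magic-URL, phone, anonymous and session list/get/delete/patch hunks. No migration is visible on this page; if none exists elsewhere, a project that had configured a shorter session lifetime would have older sessions accepted again by `Auth::sessionVerify` until the setting is saved once more. Keeping the legacy value as a second fallback would avoid that: `$project->getAttribute('auths', [])['authDuration'] ?? $project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG)`. The enclosing route actions start and end outside these hunks.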
|
||||
|
|
|
@ -520,8 +520,11 @@ App::patch('/v1/projects/:projectId/auth/authDuration')
|
|||
throw new Exception(Exception::PROJECT_NOT_FOUND);
|
||||
}
|
||||
|
||||
$auths = $project->getAttribute('auths', []);
|
||||
$auths['authDuration'] = $authDuration * 60;
|
||||
|
||||
$dbForConsole->updateDocument('projects', $project->getId(), $project
|
||||
->setAttribute('authDuration', $authDuration * 60));
|
||||
->setAttribute('auths', $auths));
|
||||
|
||||
$response->dynamic($project, Response::MODEL_PROJECT);
|
||||
});
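Review bot: The unit conversion in `$auths['authDuration'] = $authDuration * 60;` is undocumented. The stored value is later handed to `DateTime::addSeconds` and `Auth::sessionVerify` as seconds, so the request parameter is presumably in minutes. A comment above the assignment would make that explicit, for example `// Request value is in minutes (assumed); stored in seconds because session expiry is computed with addSeconds()`. The handler also appears to leave any previously stored top-level `authDuration` on the document, which cannot be confirmed here because the collection schema is not shown. The action's parameter validation lies outside the hunk.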
|
||||
|
|
|
@ -732,7 +732,7 @@ App::patch('/v1/teams/:teamId/memberships/:membershipId/status')
|
|||
|
||||
$detector = new Detector($request->getUserAgent('UNKNOWN'));
|
||||
$record = $geodb->get($request->getIP());
|
||||
$authDuration = $project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG);
|
||||
$authDuration = $project->getAttribute('auths', [])['authDuration'] ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
|
||||
$expire = DateTime::addSeconds(new \DateTime(), $authDuration);
|
||||
$secret = Auth::tokenGenerator();
|
||||
$session = new Document(array_merge([
|
||||
|
|
|
@ -835,9 +835,11 @@ App::setResource('user', function ($mode, $project, $console, $request, $respons
|
|||
$user = $dbForConsole->getDocument('users', Auth::$unique);
|
||||
}
|
||||
|
||||
$authDuration = $project->getAttribute('auths', [])['authDuration'] ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
|
||||
|
||||
if (
|
||||
$user->isEmpty() // Check a document has been found in the DB
|
||||
|| !Auth::sessionVerify($user->getAttribute('sessions', []), Auth::$secret, $project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG))
|
||||
|| !Auth::sessionVerify($user->getAttribute('sessions', []), Auth::$secret, $authDuration)
|
||||
) { // Validate user has valid login token
|
||||
$user = new Document(['$id' => ID::custom(''), '$collection' => 'users']);
|
||||
}
|
||||
|
@ -917,9 +919,9 @@ App::setResource('console', function () {
|
|||
'legalCity' => '',
|
||||
'legalAddress' => '',
|
||||
'legalTaxId' => '',
|
||||
'authDuration' => Auth::TOKEN_EXPIRATION_LOGIN_LONG, // 1 Year in seconds
|
||||
'auths' => [
|
||||
'limit' => (App::getEnv('_APP_CONSOLE_WHITELIST_ROOT', 'enabled') === 'enabled') ? 1 : 0, // limit signup to 1 user
|
||||
'duration' => Auth::TOKEN_EXPIRATION_LOGIN_LONG, // 1 Year in seconds
|
||||
],
|
||||
'authWhitelistEmails' => (!empty(App::getEnv('_APP_CONSOLE_WHITELIST_EMAILS', null))) ? \explode(',', App::getEnv('_APP_CONSOLE_WHITELIST_EMAILS', null)) : [],
|
||||
'authWhitelistIPs' => (!empty(App::getEnv('_APP_CONSOLE_WHITELIST_IPS', null))) ? \explode(',', App::getEnv('_APP_CONSOLE_WHITELIST_IPS', null)) : [],
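Review bot: The console project stores its session lifetime under `'duration'` inside `auths`, but the `user` resource hunk just above and every other reader on this page look up `auths['authDuration']`, so this key is never read. The mismatch goes unnoticed only because the `??` fallback is the same `Auth::TOKEN_EXPIRATION_LOGIN_LONG` constant; any later change to the console value would silently have no effect on session verification. One name should be used on both sides, for example `'authDuration' => Auth::TOKEN_EXPIRATION_LOGIN_LONG, // 1 Year in seconds` here. The array literal starts and ends outside the hunk.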
|
||||
|
|
|
@ -536,10 +536,11 @@ $server->onMessage(function (int $connection, string $message) use ($server, $re
|
|||
Auth::$secret = $session['secret'] ?? '';
|
||||
|
||||
$user = $database->getDocument('users', Auth::$unique);
|
||||
$authDuration = $project->getAttribute('auths', [])['authDuration'] ?? Auth::TOKEN_EXPIRATION_LOGIN_LONG;
|
||||
|
||||
if (
|
||||
empty($user->getId()) // Check a document has been found in the DB
|
||||
|| !Auth::sessionVerify($user->getAttribute('sessions', []), Auth::$secret, $project->getAttribute('authDuration', Auth::TOKEN_EXPIRATION_LOGIN_LONG)) // Validate user has valid login token
|
||||
|| !Auth::sessionVerify($user->getAttribute('sessions', []), Auth::$secret, $authDuration) // Validate user has valid login token
|
||||
) {
|
||||
// cookie not valid
|
||||
throw new Exception('Session is not valid.', 1003);
|
||||
|
|