[MediaWiki-commits] [Gerrit] Add ability to login user without password check - change (wikimedia/slimapp)

BryanDavis (Code Review) Mon, 07 Sep 2015 14:28:25 -0700

BryanDavis has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/236683


Change subject: Add ability to login user without password check
......................................................................

Add ability to login user without password check

Make session management steps for OAuth driven workflows possible by
separating the act of verifying username & password from setting an
authenticated UserData object in the current session.

Change-Id: Ie49b9cc0ccf2c9fdcc559fc065b0f5ab4207cd38
---
M src/Auth/AuthManager.php
M src/Auth/UserManager.php
2 files changed, 21 insertions(+), 12 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/wikimedia/slimapp 
refs/changes/83/236683/1

diff --git a/src/Auth/AuthManager.php b/src/Auth/AuthManager.php
index cc5a7d2..f41abeb 100644
--- a/src/Auth/AuthManager.php
+++ b/src/Auth/AuthManager.php
@@ -109,17 +109,7 @@
                $user = $this->manager->getUserData( $uname );
                $check = Password::comparePasswordToHash( $password, 
$user->getPassword() );
                if ( $check && !$user->isBlocked() ) {
-                       // clear session
-                       foreach ( $_SESSION as $key => $value ) {
-                               unset( $_SESSION[$key] );
-                       }
-
-                       // generate new session id
-                       session_regenerate_id( true );
-
-                       // store user info in session
-                       $this->setUser( $user );
-
+                       $this->login( $user );
                        return true;
 
                } else {
@@ -129,6 +119,25 @@
 
 
        /**
+        * Add authentication.
+        *
+        * @param UserData $user
+        */
+       public function login( UserData $user ) {
+               // clear session
+               foreach ( $_SESSION as $key => $value ) {
+                       unset( $_SESSION[$key] );
+               }
+
+               // generate new session id
+               session_regenerate_id( true );
+
+               // store user info in session
+               $this->setUser( $user );
+       }
+
+
+       /**
         * Remove authentication.
         */
        public function logout() {
diff --git a/src/Auth/UserManager.php b/src/Auth/UserManager.php
index 7445a5f..d71f469 100644
--- a/src/Auth/UserManager.php
+++ b/src/Auth/UserManager.php
@@ -23,7 +23,7 @@
 
 namespace Wikimedia\Slimapp\Auth;
 
-use \PDOException;
+use PDOException;
 
 /**
  * Data access object for users.

-- 
To view, visit https://gerrit.wikimedia.org/r/236683
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: Ie49b9cc0ccf2c9fdcc559fc065b0f5ab4207cd38
Gerrit-PatchSet: 1
Gerrit-Project: wikimedia/slimapp
Gerrit-Branch: master
Gerrit-Owner: BryanDavis <[email protected]>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

[MediaWiki-commits] [Gerrit] Add ability to login user without password check - change (wikimedia/slimapp)

Reply via email to