2013-06-16 19:15:33 +02:00
|
|
|
<?php
|
|
|
|
|
|
|
|
final class PhabricatorAuthValidateController
|
|
|
|
extends PhabricatorAuthController {
|
|
|
|
|
|
|
|
public function shouldRequireLogin() {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2014-05-01 19:23:02 +02:00
|
|
|
public function shouldAllowPartialSessions() {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2015-02-13 00:22:56 +01:00
|
|
|
public function shouldAllowLegallyNonCompliantUsers() {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2013-06-16 19:15:33 +02:00
|
|
|
public function processRequest() {
|
|
|
|
$request = $this->getRequest();
|
|
|
|
$viewer = $request->getUser();
|
|
|
|
|
|
|
|
$failures = array();
|
|
|
|
|
2014-01-23 23:01:35 +01:00
|
|
|
if (!strlen($request->getStr('expect'))) {
|
2013-06-16 19:15:33 +02:00
|
|
|
return $this->renderErrors(
|
|
|
|
array(
|
|
|
|
pht(
|
|
|
|
'Login validation is missing expected parameter ("%s").',
|
2014-10-07 15:01:04 +02:00
|
|
|
'phusr'),
|
|
|
|
));
|
2013-06-16 19:15:33 +02:00
|
|
|
}
|
|
|
|
|
2014-01-23 23:01:35 +01:00
|
|
|
$expect_phusr = $request->getStr('expect');
|
|
|
|
$actual_phusr = $request->getCookie(PhabricatorCookies::COOKIE_USERNAME);
|
2013-06-16 19:15:33 +02:00
|
|
|
if ($actual_phusr != $expect_phusr) {
|
|
|
|
if ($actual_phusr) {
|
|
|
|
$failures[] = pht(
|
|
|
|
"Attempted to set '%s' cookie to '%s', but your browser sent back ".
|
|
|
|
"a cookie with the value '%s'. Clear your browser's cookies and ".
|
|
|
|
"try again.",
|
|
|
|
'phusr',
|
|
|
|
$expect_phusr,
|
|
|
|
$actual_phusr);
|
|
|
|
} else {
|
|
|
|
$failures[] = pht(
|
|
|
|
"Attempted to set '%s' cookie to '%s', but your browser did not ".
|
|
|
|
"accept the cookie. Check that cookies are enabled, clear them, ".
|
|
|
|
"and try again.",
|
|
|
|
'phusr',
|
|
|
|
$expect_phusr);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!$failures) {
|
|
|
|
if (!$viewer->getPHID()) {
|
|
|
|
$failures[] = pht(
|
2014-06-09 20:36:49 +02:00
|
|
|
'Login cookie was set correctly, but your login session is not '.
|
|
|
|
'valid. Try clearing cookies and logging in again.');
|
2013-06-16 19:15:33 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if ($failures) {
|
|
|
|
return $this->renderErrors($failures);
|
|
|
|
}
|
|
|
|
|
2014-05-01 19:23:02 +02:00
|
|
|
$finish_uri = $this->getApplicationURI('finish/');
|
|
|
|
return id(new AphrontRedirectResponse())->setURI($finish_uri);
|
2013-06-16 19:15:33 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
private function renderErrors(array $messages) {
|
|
|
|
return $this->renderErrorPage(
|
|
|
|
pht('Login Failure'),
|
|
|
|
$messages);
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|