Sessionless auth, sort of a mess.
parent
79b32afeec
commit
703fd47bd7
1 changed files with 24 additions and 0 deletions
|
@ -160,6 +160,30 @@ class PhabricatorConduitAPIController
|
|||
return null;
|
||||
}
|
||||
|
||||
// Handle sessionless auth. TOOD: This is super messy.
|
||||
if (isset($metadata['authUser'])) {
|
||||
$user = id(new PhabricatorUser())->loadOneWhere(
|
||||
'userName = %s',
|
||||
$metadata['authUser']);
|
||||
if (!$user) {
|
||||
return array(
|
||||
'ERR-INVALID-AUTH',
|
||||
'Authentication is invalid.',
|
||||
);
|
||||
}
|
||||
$token = idx($metadata, 'authToken');
|
||||
$signature = idx($metadata, 'authSignature');
|
||||
$certificate = $user->getConduitCertificate();
|
||||
if (sha1($token.$certificate) !== $signature) {
|
||||
return array(
|
||||
'ERR-INVALID-AUTH',
|
||||
'Authentication is invalid.',
|
||||
);
|
||||
}
|
||||
$api_request->setUser($user);
|
||||
return null;
|
||||
}
|
||||
|
||||
$session_key = idx($metadata, 'sessionKey');
|
||||
if (!$session_key) {
|
||||
return array(
|
||||
|
|
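Review bot: The signature check `sha1($token.$certificate) !== $signature` accepts any client-chosen `authToken`, so a captured `authToken`/`authSignature` pair stays valid indefinitely; nothing in this hunk ties the token to a timestamp or nonce. The comparison is also a plain `!==`, which is not constant-time; where the runtime provides it, `if (!is_string($signature) || !hash_equals(sha1($token.$certificate), $signature)) {` removes the timing signal and rejects a missing or non-string signature explicitly. If `getConduitCertificate()` can return an empty value for an account (not visible here), the expected hash becomes `sha1($token)`, which any caller can compute, so a non-empty check on `$certificate` and `$token` before hashing is worth adding. The enclosing method starts and ends outside the hunk.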