mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-30 18:52:42 +01:00
d39da529ca
Summary: Fixes T7159. Test Plan: Created a legalpad document that needed a signature and I was required to sign it no matter what page I hit. Signed it and things worked! Added a new legalpad document and I had to sign again! Ran unit tests and they passed! Logged out as a user who was roadblocked into signing a bunch of stuff and it worked! Reviewers: epriestley Reviewed By: epriestley Subscribers: Korvin, epriestley Maniphest Tasks: T7159 Differential Revision: https://secure.phabricator.com/D11759
76 lines
1.9 KiB
PHP
76 lines
1.9 KiB
PHP
<?php
|
|
|
|
final class PhabricatorAuthValidateController
|
|
extends PhabricatorAuthController {
|
|
|
|
public function shouldRequireLogin() {
|
|
return false;
|
|
}
|
|
|
|
public function shouldAllowPartialSessions() {
|
|
return true;
|
|
}
|
|
|
|
public function shouldAllowLegallyNonCompliantUsers() {
|
|
return true;
|
|
}
|
|
|
|
public function processRequest() {
|
|
$request = $this->getRequest();
|
|
$viewer = $request->getUser();
|
|
|
|
$failures = array();
|
|
|
|
if (!strlen($request->getStr('expect'))) {
|
|
return $this->renderErrors(
|
|
array(
|
|
pht(
|
|
'Login validation is missing expected parameter ("%s").',
|
|
'phusr'),
|
|
));
|
|
}
|
|
|
|
$expect_phusr = $request->getStr('expect');
|
|
$actual_phusr = $request->getCookie(PhabricatorCookies::COOKIE_USERNAME);
|
|
if ($actual_phusr != $expect_phusr) {
|
|
if ($actual_phusr) {
|
|
$failures[] = pht(
|
|
"Attempted to set '%s' cookie to '%s', but your browser sent back ".
|
|
"a cookie with the value '%s'. Clear your browser's cookies and ".
|
|
"try again.",
|
|
'phusr',
|
|
$expect_phusr,
|
|
$actual_phusr);
|
|
} else {
|
|
$failures[] = pht(
|
|
"Attempted to set '%s' cookie to '%s', but your browser did not ".
|
|
"accept the cookie. Check that cookies are enabled, clear them, ".
|
|
"and try again.",
|
|
'phusr',
|
|
$expect_phusr);
|
|
}
|
|
}
|
|
|
|
if (!$failures) {
|
|
if (!$viewer->getPHID()) {
|
|
$failures[] = pht(
|
|
'Login cookie was set correctly, but your login session is not '.
|
|
'valid. Try clearing cookies and logging in again.');
|
|
}
|
|
}
|
|
|
|
if ($failures) {
|
|
return $this->renderErrors($failures);
|
|
}
|
|
|
|
$finish_uri = $this->getApplicationURI('finish/');
|
|
return id(new AphrontRedirectResponse())->setURI($finish_uri);
|
|
}
|
|
|
|
private function renderErrors(array $messages) {
|
|
return $this->renderErrorPage(
|
|
pht('Login Failure'),
|
|
$messages);
|
|
}
|
|
|
|
}
|