aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2014-02-10 15:39:19 -0800
committerfriendica <info@friendica.com>2014-02-10 15:39:19 -0800
commite6185eea282a07424c615414b1d0d6a8e395759b (patch)
tree277b34c8a13e5bcc5f6a6e99e83e89acaaffb886
parent12319c41e3c0565745060d7ade97f194229dddb2 (diff)
downloadvolse-hubzilla-e6185eea282a07424c615414b1d0d6a8e395759b.tar.gz
volse-hubzilla-e6185eea282a07424c615414b1d0d6a8e395759b.tar.bz2
volse-hubzilla-e6185eea282a07424c615414b1d0d6a8e395759b.zip
The scenario is that you're authenticated via magic-auth on a remote hub and you change channels locally. Next time you start an auth exchange we'll look to see if your identity changed and we should start fresh if that's the case, rather than just falling through and keeping the old credentials.
-rw-r--r--include/identity.php8
1 files changed, 5 insertions, 3 deletions
diff --git a/include/identity.php b/include/identity.php
index 2db5d8ece..0e01b4a0d 100644
--- a/include/identity.php
+++ b/include/identity.php
@@ -1023,12 +1023,14 @@ function zid_init(&$a) {
if(validate_email($tmp_str)) {
proc_run('php','include/gprobe.php',bin2hex($tmp_str));
$arr = array('zid' => $tmp_str, 'url' => $a->cmd);
- call_hooks('zid_init',$arr);
- if((! local_user()) && (! remote_user())) {
- logger('zid_init: not authenticated. Invoking reverse magic-auth for ' . $tmp_str);
+ call_hooks('zid_init',$arr);
+ if(! local_user()) {
$r = q("select * from hubloc where hubloc_addr = '%s' order by hubloc_connected desc limit 1",
dbesc($tmp_str)
);
+ if($r && remote_user() && remote_user() === $r[0]['hubloc_hash'])
+ return;
+ logger('zid_init: not authenticated. Invoking reverse magic-auth for ' . $tmp_str);
// try to avoid recursion - but send them home to do a proper magic auth
$query = $a->query_string;
$query = str_replace(array('?zid=','&zid='),array('?rzid=','&rzid='),$query);