diff options
author | redmatrix <git@macgirvin.com> | 2016-05-18 17:03:54 -0700 |
---|---|---|
committer | redmatrix <git@macgirvin.com> | 2016-05-18 17:03:54 -0700 |
commit | 1f7e6cae823e75ab47fa9c9a1a496842d20901d5 (patch) | |
tree | c6d321632ca5f4972e9dae283a785b0c7860b3e1 /Zotlabs/Storage | |
parent | 37d14f3a1dbc8b4fea6831585c746be4a6602fcb (diff) | |
download | volse-hubzilla-1f7e6cae823e75ab47fa9c9a1a496842d20901d5.tar.gz volse-hubzilla-1f7e6cae823e75ab47fa9c9a1a496842d20901d5.tar.bz2 volse-hubzilla-1f7e6cae823e75ab47fa9c9a1a496842d20901d5.zip |
Revert "Revert "yet more session work""
This reverts commit 37d14f3a1dbc8b4fea6831585c746be4a6602fcb.
Diffstat (limited to 'Zotlabs/Storage')
-rw-r--r-- | Zotlabs/Storage/BasicAuth.php | 24 |
1 files changed, 21 insertions, 3 deletions
diff --git a/Zotlabs/Storage/BasicAuth.php b/Zotlabs/Storage/BasicAuth.php index da5af7659..02c4117da 100644 --- a/Zotlabs/Storage/BasicAuth.php +++ b/Zotlabs/Storage/BasicAuth.php @@ -73,6 +73,9 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic { protected $timezone = ''; + public $module_disabled = false; + + /** * @brief Validates a username and password. * @@ -92,7 +95,7 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic { intval($record['account_id']), intval($record['account_default_channel']) ); - if ($r) { + if($r && $this->check_module_access($r[0]['channel_id'])) { return $this->setAuthenticated($r[0]); } } @@ -109,13 +112,17 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic { if ((($record['account_flags'] == ACCOUNT_OK) || ($record['account_flags'] == ACCOUNT_UNVERIFIED)) && (hash('whirlpool', $record['account_salt'] . $password) === $record['account_password'])) { logger('password verified for ' . $username); - return $this->setAuthenticated($r[0]); + if($this->check_module_access($r[0]['channel_id'])) + return $this->setAuthenticated($r[0]); } } } } - $error = 'password failed for ' . $username; + if($this->module_disabled) + $error = 'module not enabled for ' . $username; + else + $error = 'password failed for ' . $username; logger($error); log_failed_login($error); @@ -139,6 +146,17 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic { return true; } + protected function check_module_access($channel_id) { + if($channel_id && \App::$module === 'cdav') { + $x = get_pconfig($channel_id,'cdav','enabled'); + if(! $x) { + $this->module_disabled = true; + return false; + } + } + return true; + } + /** * Sets the channel_name from the currently logged-in channel. * |