aboutsummaryrefslogtreecommitdiffstats
path: root/include/security.php
diff options
context:
space:
mode:
authorredmatrix <git@macgirvin.com>2016-07-20 19:03:18 -0700
committerredmatrix <git@macgirvin.com>2016-07-20 19:03:18 -0700
commit6a56a509d3df833c82b876cf89f0bbab2a26c641 (patch)
treef78ed120a535606929d3f701f917fc048a70a8c2 /include/security.php
parentdf0cd4dbc7fbd4d31a953144e0af75ab27447969 (diff)
parent779885f9afe99980c32d2bf30757cc655e5d9427 (diff)
downloadvolse-hubzilla-6a56a509d3df833c82b876cf89f0bbab2a26c641.tar.gz
volse-hubzilla-6a56a509d3df833c82b876cf89f0bbab2a26c641.tar.bz2
volse-hubzilla-6a56a509d3df833c82b876cf89f0bbab2a26c641.zip
Merge branch 'dev' into perms
Diffstat (limited to 'include/security.php')
-rw-r--r--include/security.php29
1 files changed, 15 insertions, 14 deletions
diff --git a/include/security.php b/include/security.php
index 3f31c7d9b..c67a1b400 100644
--- a/include/security.php
+++ b/include/security.php
@@ -12,7 +12,7 @@
* @param bool $return
* @param bool $update_lastlog
*/
-function authenticate_success($user_record, $login_initial = false, $interactive = false, $return = false, $update_lastlog = false) {
+function authenticate_success($user_record, $channel = null, $login_initial = false, $interactive = false, $return = false, $update_lastlog = false) {
$_SESSION['addr'] = $_SERVER['REMOTE_ADDR'];
@@ -23,11 +23,15 @@ function authenticate_success($user_record, $login_initial = false, $interactive
$_SESSION['account_id'] = $user_record['account_id'];
$_SESSION['authenticated'] = 1;
+ if($channel)
+ $uid_to_load = $channel['channel_id'];
- $uid_to_load = (((x($_SESSION,'uid')) && (intval($_SESSION['uid'])))
- ? intval($_SESSION['uid'])
- : intval(App::$account['account_default_channel'])
- );
+ if(! $uid_to_load) {
+ $uid_to_load = (((x($_SESSION,'uid')) && (intval($_SESSION['uid'])))
+ ? intval($_SESSION['uid'])
+ : intval(App::$account['account_default_channel'])
+ );
+ }
if($uid_to_load) {
change_channel($uid_to_load);
@@ -85,16 +89,12 @@ function authenticate_success($user_record, $login_initial = false, $interactive
function atoken_login($atoken) {
if(! $atoken)
return false;
-
- $xchan = atoken_xchan($atoken);
-
$_SESSION['authenticated'] = 1;
- $_SESSION['visitor_id'] = $xchan['xchan_hash'];
+ $_SESSION['visitor_id'] = $atoken['xchan_hash'];
$_SESSION['atoken'] = $atoken['atoken_id'];
- \App::set_observer($xchan);
-
- return [ 'atoken' => true ];
+ \App::set_observer($atoken);
+ return true;
}
@@ -102,7 +102,8 @@ function atoken_xchan($atoken) {
$c = channelx_by_n($atoken['atoken_uid']);
if($c) {
- return [
+ return [
+ 'atoken_id' => $atoken['atoken_id'],
'xchan_hash' => substr($c['channel_hash'],0,16) . '.' . $atoken['atoken_name'],
'xchan_name' => $atoken['atoken_name'],
'xchan_addr' => t('guest:') . $atoken['atoken_name'] . '@' . \App::get_hostname(),
@@ -115,7 +116,7 @@ function atoken_xchan($atoken) {
];
}
-
+ return null;
}