aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Zot/Auth.php
diff options
context:
space:
mode:
Diffstat (limited to 'Zotlabs/Zot/Auth.php')
-rw-r--r--Zotlabs/Zot/Auth.php11
1 files changed, 6 insertions, 5 deletions
diff --git a/Zotlabs/Zot/Auth.php b/Zotlabs/Zot/Auth.php
index 07879fbd9..fed253923 100644
--- a/Zotlabs/Zot/Auth.php
+++ b/Zotlabs/Zot/Auth.php
@@ -102,12 +102,8 @@ class Auth {
function Verify($channel,$hubloc) {
- logger('auth request received from ' . $hubloc['hubloc_addr'] );
-
- // check credentials and access
- // If they are already authenticated and haven't changed credentials,
- // we can save an expensive network round trip and improve performance.
+ logger('auth request received from ' . $hubloc['hubloc_addr'] );
$this->remote = remote_channel();
$this->remote_service_class = '';
@@ -115,6 +111,11 @@ class Auth {
$this->remote_hub = $hubloc['hubloc_url'];
$this->dnt = 0;
+ // check credentials and access
+
+ // If they are already authenticated and haven't changed credentials,
+ // we can save an expensive network round trip and improve performance.
+
// Also check that they are coming from the same site as they authenticated with originally.
$already_authed = (((remote_channel()) && ($hubloc['hubloc_hash'] == remote_channel())