From e6185eea282a07424c615414b1d0d6a8e395759b Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 10 Feb 2014 15:39:19 -0800 Subject: The scenario is that you're authenticated via magic-auth on a remote hub and you change channels locally. Next time you start an auth exchange we'll look to see if your identity changed and we should start fresh if that's the case, rather than just falling through and keeping the old credentials. --- include/identity.php | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'include/identity.php') diff --git a/include/identity.php b/include/identity.php index 2db5d8ece..0e01b4a0d 100644 --- a/include/identity.php +++ b/include/identity.php @@ -1023,12 +1023,14 @@ function zid_init(&$a) { if(validate_email($tmp_str)) { proc_run('php','include/gprobe.php',bin2hex($tmp_str)); $arr = array('zid' => $tmp_str, 'url' => $a->cmd); - call_hooks('zid_init',$arr); - if((! local_user()) && (! remote_user())) { - logger('zid_init: not authenticated. Invoking reverse magic-auth for ' . $tmp_str); + call_hooks('zid_init',$arr); + if(! local_user()) { $r = q("select * from hubloc where hubloc_addr = '%s' order by hubloc_connected desc limit 1", dbesc($tmp_str) ); + if($r && remote_user() && remote_user() === $r[0]['hubloc_hash']) + return; + logger('zid_init: not authenticated. Invoking reverse magic-auth for ' . $tmp_str); // try to avoid recursion - but send them home to do a proper magic auth $query = $a->query_string; $query = str_replace(array('?zid=','&zid='),array('?rzid=','&rzid='),$query); -- cgit v1.2.3