session.php 4.1 KB

  1. <?php
  2. /**
  3. * Copyright (c) 2013 Robin Appelman <icewind@owncloud.com>
  4. * This file is licensed under the Affero General Public License version 3 or
  5. * later.
  6. * See the COPYING-README file.
  7. */
  8. namespace OC\User;
  9. use OC\Hooks\Emitter;
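  /**
   * Class Session
   *
   * Tracks the active user of a session and handles login, logout and the
   * "remember login" cookies. Hook registration is delegated to the user
   * manager passed to the constructor.
   *
   * Hooks available in scope \OC\User:
   * - preSetPassword(\OC\User\User $user, string $password, string $recoverPassword)
   * - postSetPassword(\OC\User\User $user, string $password, string $recoverPassword)
   * - preDelete(\OC\User\User $user)
   * - postDelete(\OC\User\User $user)
   * - preCreateUser(string $uid, string $password)
   * - postCreateUser(\OC\User\User $user)
   * - preLogin(string $user, string $password)
   * - postLogin(\OC\User\User $user)
   * - logout()
   *
   * @package OC\User
   */
  class Session implements Emitter {
      /**
       * User manager: looks users up by uid and carries the hook listeners.
       *
       * @var \OC\User\Manager $manager
       */
      private $manager;

      /**
       * Session store holding the 'user_id' entry of the logged-in user.
       *
       * @var \OC\Session\Session $session
       */
      private $session;

      /**
       * User object of the current session; null until set or resolved.
       *
       * @var \OC\User\User|null $activeUser
       */
      protected $activeUser;

      /**
       * @param \OC\User\Manager $manager
       * @param \OC\Session\Session $session
       */
      public function __construct($manager, $session) {
          $this->manager = $manager;
          $this->session = $session;
      }

      /**
       * Register a hook listener; forwarded unchanged to the user manager.
       *
       * @param string $scope
       * @param string $method
       * @param callable $callback
       */
      public function listen($scope, $method, $callback) {
          $this->manager->listen($scope, $method, $callback);
      }

      /**
       * Remove a hook listener; forwarded unchanged to the user manager.
       *
       * @param string $scope optional
       * @param string $method optional
       * @param callable $callback optional
       */
      public function removeListener($scope = null, $method = null, $callback = null) {
          $this->manager->removeListener($scope, $method, $callback);
      }

      /**
       * get the manager object
       *
       * @return \OC\User\Manager
       */
      public function getManager() {
          return $this->manager;
      }

      /**
       * Set the currently active user.
       *
       * Passing null removes 'user_id' from the session; any other value stores
       * the user's uid there. The object is cached on this instance either way.
       *
       * @param \OC\User\User|null $user
       */
      public function setUser($user) {
          if ($user === null) {
              $this->session->remove('user_id');
          } else {
              $this->session->set('user_id', $user->getUID());
          }
          $this->activeUser = $user;
      }

      /**
       * Get the currently active user.
       *
       * Returns the cached user when there is one; otherwise resolves the
       * 'user_id' stored in the session through the manager and caches the result.
       *
       * NOTE(review): a user restored from the session is not re-checked with
       * isEnabled() here, so an account disabled after login may stay active for
       * the lifetime of the session -- confirm this is enforced elsewhere.
       *
       * @return \OC\User\User|null null when the session holds no user id
       */
      public function getUser() {
          if ($this->activeUser) {
              return $this->activeUser;
          }
          $uid = $this->session->get('user_id');
          if (!$uid) {
              return null;
          }
          $this->activeUser = $this->manager->get($uid);
          return $this->activeUser;
      }

      /**
       * Try to log in with the provided credentials.
       *
       * Emits preLogin before the lookup and postLogin after a successful login.
       * Both hooks receive the plaintext password, so every registered listener
       * sees it.
       *
       * NOTE(review): nothing in this method rotates the session identifier after
       * authentication succeeds; confirm the session backend or the caller does
       * so, otherwise a pre-set session id survives the login.
       *
       * @param string $uid
       * @param string $password
       * @return bool true when the password matches and the account is enabled
       */
      public function login($uid, $password) {
          $this->manager->emit('\OC\User', 'preLogin', array($uid, $password));
          $user = $this->manager->get($uid);
          if (!$user) {
              // Unknown uid: rejected without a password check.
              return false;
          }
          // isEnabled() is only consulted once the password has been accepted.
          if (!$user->checkPassword($password) || !$user->isEnabled()) {
              return false;
          }
          $this->setUser($user);
          $this->manager->emit('\OC\User', 'postLogin', array($user, $password));
          return true;
      }

      /**
       * Log the user out: emit the logout hook, clear the active user and
       * expire the "remember login" cookies.
       */
      public function logout() {
          $this->manager->emit('\OC\User', 'logout');
          $this->setUser(null);
          $this->unsetMagicInCookie();
      }

      /**
       * Set the "remember login" cookies used on the next page load.
       *
       * All three cookies share one expiry, taken from the
       * 'remember_login_cookie_lifetime' config value (default 15 days), and are
       * scoped to \OC::$WEBROOT.
       *
       * @param string $username username to be set
       * @param string $token
       */
      public function setMagicInCookie($username, $token) {
          // Secure is driven by the 'forcessl' setting alone: on an HTTPS
          // deployment without it, these cookies are also sent over plain HTTP.
          $secure_cookie = \OC_Config::getValue("forcessl", false); //TODO: DI for cookies and OC_Config
          $expires = time() + \OC_Config::getValue('remember_login_cookie_lifetime', 60 * 60 * 24 * 15);
          // HttpOnly on all three cookies, not just the token, so page scripts
          // cannot read any of them.
          // NOTE(review): confirm no client-side script reads oc_username or
          // oc_remember_login before relying on this.
          setcookie("oc_username", $username, $expires, \OC::$WEBROOT, '', $secure_cookie, true);
          setcookie("oc_token", $token, $expires, \OC::$WEBROOT, '', $secure_cookie, true);
          // '1' is what the former boolean true was converted to on the wire.
          setcookie("oc_remember_login", '1', $expires, \OC::$WEBROOT, '', $secure_cookie, true);
      }

      /**
       * Remove the "remember login" cookies.
       *
       * Drops them from $_COOKIE for the current request and sends an
       * already-expired replacement for each so the browser discards it.
       */
      public function unsetMagicInCookie() {
          //TODO: DI
          $expired = time() - 3600;
          foreach (array('oc_username', 'oc_token', 'oc_remember_login') as $cookieName) {
              unset($_COOKIE[$cookieName]);
              // Same path as in setMagicInCookie(), so the browser matches the cookie.
              setcookie($cookieName, '', $expired, \OC::$WEBROOT);
          }
      }
  }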