use cache functions from ltb-common (#979)
David Coutadeur authored and davidcoutadeur committed Sep 13, 2024
1 parent 2ac27b0 commit 7ae0b13
Showing 5 changed files with 43 additions and 92 deletions.
10 changes: 1 addition & 9 deletions htdocs/index.php
@@ -15,9 +15,6 @@
#==============================================================================
require_once("../vendor/autoload.php");
require_once("../lib/functions.inc.php");
require_once(__DIR__."/../lib/cache.php");

use Symfony\Component\Cache\Adapter\FilesystemAdapter;

#==============================================================================
# VARIABLES
@@ -125,12 +122,7 @@
#==============================================================================
# Cache Config
#==============================================================================
$sspCache = new FilesystemAdapter(
$namespace = 'sspCache',
$defaultLifetime = 0,
$directory = null
);
$sspCache->prune();
$sspCache = new \Ltb\Cache( 'sspCache', 0, null );

#==============================================================================
# Captcha Config
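Review bot: The explicit `$sspCache->prune();` is dropped in the second hunk, and nothing on this page shows `\Ltb\Cache` pruning expired entries when it is constructed. If the wrapper does not prune, expired items (which in this application hold logins and SMS codes) may remain in the cache directory until they are next read or removed by something else, so this is worth confirming against ltb-common. The positional call also loses the labels the old code carried; a comment such as `# namespace, default lifetime (0), cache directory (null)` would keep them, assuming the argument order matches the removed lines.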
7 changes: 3 additions & 4 deletions htdocs/resetbytoken.php
@@ -54,9 +54,8 @@

# select token in the cache
# will gather login,time and smstoken values from session.
$cached_token = $sspCache->getItem($tokenid);
$cached_token_content = $cached_token->get();
if($cached_token->isHit())
$cached_token_content = $sspCache->get_token($tokenid);
if($cached_token_content)
{
$login = $cached_token_content['login'];
}
@@ -178,7 +177,7 @@

# Delete token if all is ok
if ( $result === "passwordchanged" ) {
$sspCache->deleteItem($tokenid);
$sspCache->cache->deleteItem($tokenid);
}

#==============================================================================
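Review bot: The reset token is meant to be single-use, yet the result of `$sspCache->cache->deleteItem($tokenid);` in the second hunk is discarded, so a failed delete leaves a token that has already changed a password valid until it expires. Assuming `cache` is the PSR-6 pool the old code called directly, the boolean return can be checked and the failure logged without the id: `if (!$sspCache->cache->deleteItem($tokenid)) { error_log("reset token could not be removed from cache"); }`. The call also reaches through the wrapper's `cache` property while reads go through `get_token()`; the same pattern appears twice in htdocs/sendsms.php. The enclosing block starts outside the hunk.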
62 changes: 29 additions & 33 deletions htdocs/sendsms.php
@@ -72,7 +72,7 @@
if ((!$login) and (!$phone)){
if(!$sms_use_ldap)
{
$formtoken = generate_form_token($sspCache, $cache_form_expiration);
$formtoken = $sspCache->generate_form_token($cache_form_expiration);
}
$result = "emptysendsmsform";
}
@@ -88,10 +88,9 @@
$tokenid = decrypt($token, $keyphrase);

# Get session from cache
$cached_token = $sspCache->getItem($tokenid);
$cached_token_content = $cached_token->get();
$cached_token_content = $sspCache->get_token($tokenid);

if($cached_token->isHit())
if($cached_token_content)
{
$login = $cached_token_content['login'];
$sessiontoken = $cached_token_content['smstoken'];
@@ -109,8 +108,7 @@
# To have only x tries and not x+1 tries
if ($attempts < ($sms_max_attempts_token - 1)) {
$cached_token_content['attempts'] = $attempts + 1;
$cached_token->set($cached_token_content);
$sspCache->save($cached_token);
$sspCache->save_token($cached_token_content, $tokenid);
$result = "tokenattempts";
error_log("SMS token $smstoken not valid, attempt $attempts");
} else {
@@ -126,11 +124,11 @@
}
if ( $result === "tokennotvalid" ) {
# Remove token
$sspCache->deleteItem($tokenid);
$sspCache->cache->deleteItem($tokenid);
}
if ( $result === "" ) {
# Remove token
$sspCache->deleteItem($tokenid);
$sspCache->cache->deleteItem($tokenid);
$result = "buildtoken";
}
} elseif (isset($_REQUEST["encrypted_sms_login"])) {
@@ -149,7 +147,7 @@
}else{
if(!$sms_use_ldap)
{
$formtoken = generate_form_token($sspCache, $cache_form_expiration);
$formtoken = $sspCache->generate_form_token($cache_form_expiration);
}
$result = "emptysendsmsform";
}
@@ -195,7 +193,7 @@
$smsdisplay = substr_replace($sms, '****', 4 , 4);
}

$formtoken = generate_form_token($sspCache, $cache_form_expiration);
$formtoken = $sspCache->generate_form_token($cache_form_expiration);

$result = "smsuserfound";
}
@@ -213,7 +211,7 @@
#==============================================================================
if ($result === "sendsms") {
$formtoken = strval($_REQUEST["formtoken"]);
$formtoken_result = verify_form_token($sspCache, $formtoken);
$formtoken_result = $sspCache->verify_form_token($formtoken);
if($formtoken_result == "invalidformtoken")
{
$result = $formtoken_result;
@@ -227,18 +225,17 @@

# Generate sms token
$smstoken = generate_sms_token($sms_token_length);
# Create temporary session to avoid token replay
$smstoken_session_id = hash('sha256', bin2hex(random_bytes(16)));
$smscached_token = $sspCache->getItem($smstoken_session_id);
$smscached_token->set([
'login' => $login,
'smstoken' => $smstoken,
'time' => time(),
'attempts' => 0
]);
$smscached_token->expiresAfter($cache_token_expiration);
$sspCache->save($smscached_token);
error_log("generated cache entry with id: " . $smstoken_session_id. " for storing step 'send sms' of password reset by sms workflow, valid for $cache_token_expiration s");

$smstoken_session_id = $sspCache->save_token(
[
'login' => $login,
'smstoken' => $smstoken,
'time' => time(),
'attempts' => 0
],
null,
$cache_token_expiration
);

$data = array( "sms_attribute" => $sms, "smsresetmessage" => $messages['smsresetmessage'], "smstoken" => $smstoken) ;

@@ -291,16 +288,15 @@
#==============================================================================
if ($result === "buildtoken") {

$smstoken_session_id = hash('sha256', bin2hex(random_bytes(16)));
$smscached_token = $sspCache->getItem($smstoken_session_id);
$smscached_token->set([
'login' => $login,
'time' => time(),
'smstoken' => $smstoken
]);
$smscached_token->expiresAfter($cache_form_expiration);
$sspCache->save($smscached_token);
error_log("generated cache entry with id: " . $smstoken_session_id. " for storing step 'password change' of password reset by sms workflow, valid for $cache_form_expiration s");
$smstoken_session_id = $sspCache->save_token(
[
'login' => $login,
'time' => time(),
'smstoken' => $smstoken
],
null,
$cache_form_expiration
);

$token = encrypt($smstoken_session_id, $keyphrase);

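Review bot: The re-save after a wrong SMS code, `$sspCache->save_token($cached_token_content, $tokenid);` in the `-109,8 +108,7` hunk, passes no lifetime, unlike the two later calls that end with `null, $cache_token_expiration` and `null, $cache_form_expiration`. `save_token` is not visible on this page, so how it treats a missing third argument is unknown; if it falls back to the cache default (constructed with 0 in htdocs/index.php), a token that has seen one failed attempt could outlive its intended window. Passing the remaining time keeps the original deadline: `$sspCache->save_token($cached_token_content, $tokenid, $cache_token_expiration - (time() - $cached_token_content['time']));`. The enclosing if/else starts and ends outside the hunk.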
21 changes: 10 additions & 11 deletions htdocs/sendtoken.php
@@ -57,7 +57,7 @@

$result = "emptysendtokenform";

$formtoken = generate_form_token($sspCache, $cache_form_expiration);
$formtoken = $sspCache->generate_form_token($cache_form_expiration);
}

# Check the entered username for characters that our installation doesn't support
@@ -71,7 +71,7 @@

if ( !$result ) {
$formtoken = strval($_REQUEST["formtoken"]);
$result = verify_form_token($sspCache, $formtoken);
$result = $sspCache->verify_form_token($formtoken);
}

#==============================================================================
@@ -167,20 +167,19 @@
if ( !$result ) {

# Use cache to register token sent by mail
$token_session_id = hash('sha256', bin2hex(random_bytes(16)));
$token_session_id = $sspCache->save_token(
[
'login' => $login,
'time' => time()
],
null,
$cache_token_expiration
);
if ( $crypt_tokens ) {
$token = encrypt($token_session_id, $keyphrase);
} else {
$token = $token_session_id();
}
$cached_token = $sspCache->getItem($token_session_id);
$cached_token->set([
'login' => $login,
'time' => time()
]);
$cached_token->expiresAfter($cache_token_expiration);
$sspCache->save($cached_token);
error_log("generated cache entry with id: " . $token_session_id. " for storing password reset by mail workflow, valid for $cache_token_expiration s");
}


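Review bot: The `else` branch left as context in the last hunk, `$token = $token_session_id();`, calls the id string as a function, so with `$crypt_tokens` disabled this path raises an error instead of producing a token. It should be a plain assignment, `$token = $token_session_id;`. The commit moves the `save_token` call above this branch but leaves the line unchanged. On that same path the cache id is itself the reset token, so it is worth confirming that `save_token` (not visible here) does not write the id to the log the way the removed `error_log` line did.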
35 changes: 0 additions & 35 deletions lib/cache.php

This file was deleted.
