Added 'login' command that gives you a link that can be used to login to the website

Craig Andrews 2009-12-05 21:03:27 -05:00
parent cb2966a64c
commit 75cac0fd6b
10 changed files with 121 additions and 9 deletions


@ -79,6 +79,8 @@ class LoginAction extends Action
$this->clientError(_('Already logged in.')); $this->clientError(_('Already logged in.'));
} else if ($_SERVER['REQUEST_METHOD'] == 'POST') { } else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$this->checkLogin(); $this->checkLogin();
} else if (isset($args['user_id']) && isset($args['token'])){
$this->checkLogin($args['user_id'],$args['token']);
} else { } else {
common_ensure_session(); common_ensure_session();
$this->showForm(); $this->showForm();
@ -95,7 +97,7 @@ class LoginAction extends Action
* @return void * @return void
*/ */
function checkLogin() function checkLogin($user_id=null, $token=null)
{ {
if(isset($token) && isset($user_id)){ if(isset($token) && isset($user_id)){
//Token based login (from the LoginCommand) //Token based login (from the LoginCommand)
@ -137,11 +139,6 @@ class LoginAction extends Action
$user = common_check_user($nickname, $password); $user = common_check_user($nickname, $password);
} }
$nickname = common_canonical_nickname($this->trimmed('nickname'));
$password = $this->arg('password');
$user = common_check_user($nickname, $password);
if (!$user) { if (!$user) {
$this->showForm(_('Incorrect username or password.')); $this->showForm(_('Incorrect username or password.'));
return; return;
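Review bot: The new GET branch (`isset($args['user_id']) && isset($args['token'])`) authenticates from URL parameters, so the token ends up in web-server access logs, browser history and any Referer header sent from the page that follows. checkLogin() should check the token's age and delete the Login_token row before the session is created, then redirect to a URL that no longer carries the token. The token-handling part of checkLogin() lies between the second and third hunks and is not visible here, so whether it already does this cannot be confirmed from the diff. The docblock above checkLogin() still documents no parameters; add `@param int $user_id id of the user the token was issued to` and `@param string $token one-time login token`.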

42
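--- a/classes/Login_token.php
+++ b/classes/Login_token.php
@@ -0,0 +1,42 @@
+<?php
+/**
+* Table Definition for login_token
+*
+* StatusNet - the distributed open-source microblogging tool
+* Copyright (C) 2009, StatusNet, Inc.
+*
+* This program is free software: you can redistribute it and/or modify
+* it under the terms of the GNU Affero General Public License as published by
+* the Free Software Foundation, either version 3 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU Affero General Public License for more details.
+*
+* You should have received a copy of the GNU Affero General Public License
+* along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); }
+require_once INSTALLDIR.'/classes/Memcached_DataObject.php';
+class Login_token extends Memcached_DataObject
+{
+###START_AUTOCODE
+/* the code below is auto generated do not remove the above tag */
+public $__table = 'login_token'; // table name
+public $user_id; // int(4) primary_key not_null
+public $token; // char(32) not_null
+public $created; // datetime() not_null
+public $modified; // timestamp() not_null default_CURRENT_TIMESTAMP
+/* Static get */
+function staticGet($k,$v=NULL) { return DB_DataObject::staticGet('Login_token',$k,$v); }
+/* the code above is auto generated do not remove the tag below */
+###END_AUTOCODE
+}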


@ -260,6 +260,7 @@ modified = 384
[login_token__keys] [login_token__keys]
user_id = K user_id = K
token = K
[message] [message]
id = 129 id = 129


@ -72,4 +72,13 @@ create table location_namespace (
created datetime not null comment 'date the record was created', created datetime not null comment 'date the record was created',
modified timestamp comment 'date this record was modified' modified timestamp comment 'date this record was modified'
) ENGINE=InnoDB CHARACTER SET utf8 COLLATE utf8_bin; ) ENGINE=InnoDB CHARACTER SET utf8 COLLATE utf8_bin;
create table login_token (
user_id integer not null comment 'user owning this token' references user (id),
token char(32) not null comment 'token useable for logging in',
created datetime not null comment 'date this record was created',
modified timestamp comment 'date this record was modified',
constraint primary key (user_id)
) ENGINE=InnoDB CHARACTER SET utf8 COLLATE utf8_bin;
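Review bot: `token char(32) not null` stores the login token exactly as issued, so anyone who can read this table (a backup, a replica, a query flaw elsewhere in the application) holds a working login link for as long as the row is valid. Storing a digest of the token and comparing digests at login would remove that exposure. The table has no expiry column, so the two-minute lifetime promised to the user depends entirely on application code comparing `created` (or `modified`) with the current time and on stale rows being removed. The same definition is repeated in the three other schema hunks of this commit. The PostgreSQL variants declare `modified timestamp` without a default, so that column may stay NULL there unless the code sets it.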


@ -39,6 +39,15 @@ create table profile_role (
); );
create table login_token (
user_id integer not null /* comment 'user owning this token'*/ references "user" (id),
token char(32) not null /* comment 'token useable for logging in'*/,
created timestamp not null DEFAULT CURRENT_TIMESTAMP /* comment 'date this record was created'*/,
modified timestamp /* comment 'date this record was modified'*/,
primary key (user_id)
);
DROP index fave_user_id_idx; DROP index fave_user_id_idx;
CREATE index fave_user_id_idx on fave (user_id,modified); CREATE index fave_user_id_idx on fave (user_id,modified);
@ -60,4 +69,3 @@ ALTER TABLE profile ADD COLUMN lat decimal(10,7) /*comment 'latitude'*/ ;
ALTER TABLE profile ADD COLUMN lon decimal(10,7) /*comment 'longitude'*/; ALTER TABLE profile ADD COLUMN lon decimal(10,7) /*comment 'longitude'*/;
ALTER TABLE profile ADD COLUMN location_id integer /* comment 'location id if possible'*/; ALTER TABLE profile ADD COLUMN location_id integer /* comment 'location id if possible'*/;
ALTER TABLE profile ADD COLUMN location_ns integer /* comment 'namespace for location'*/; ALTER TABLE profile ADD COLUMN location_ns integer /* comment 'namespace for location'*/;


@ -575,3 +575,13 @@ create table location_namespace (
modified timestamp comment 'date this record was modified' modified timestamp comment 'date this record was modified'
) ENGINE=InnoDB CHARACTER SET utf8 COLLATE utf8_bin; ) ENGINE=InnoDB CHARACTER SET utf8 COLLATE utf8_bin;
create table login_token (
user_id integer not null comment 'user owning this token' references user (id),
token char(32) not null comment 'token useable for logging in',
created datetime not null comment 'date this record was created',
modified timestamp comment 'date this record was modified',
constraint primary key (user_id)
) ENGINE=InnoDB CHARACTER SET utf8 COLLATE utf8_bin;


@ -570,4 +570,14 @@ create table profile_role (
primary key (profile_id, role) primary key (profile_id, role)
); );
create table login_token (
user_id integer not null /* comment 'user owning this token'*/ references "user" (id),
token char(32) not null /* comment 'token useable for logging in'*/,
created timestamp not null DEFAULT CURRENT_TIMESTAMP /* comment 'date this record was created'*/,
modified timestamp /* comment 'date this record was modified'*/,
primary key (user_id)
);


@ -579,6 +579,32 @@ class OnCommand extends Command
} }
} }
class LoginCommand extends Command
{
function execute($channel)
{
$login_token = Login_token::staticGet('user_id',$this->user->id);
if($login_token){
$login_token->delete();
}
$login_token = new Login_token();
$login_token->user_id = $this->user->id;
$login_token->token = common_good_rand(16);
$login_token->created = common_sql_now();
$result = $login_token->insert();
if (!$result) {
common_log_db_error($login_token, 'INSERT', __FILE__);
$channel->error($this->user, sprintf(_('Could not create login token for %s'),
$this->user->nickname));
return;
}
$channel->output($this->user,
sprintf(_('This link is useable only once, and is good for only 2 minutes: %s'),
common_local_url('login',
array('user_id'=>$login_token->user_id, 'token'=>$login_token->token))));
}
}
class SubscriptionsCommand extends Command class SubscriptionsCommand extends Command
{ {
function execute($channel) function execute($channel)
@ -666,6 +692,7 @@ class HelpCommand extends Command
"reply #<notice_id> - reply to notice with a given id\n". "reply #<notice_id> - reply to notice with a given id\n".
"reply <nickname> - reply to the last notice from user\n". "reply <nickname> - reply to the last notice from user\n".
"join <group> - join group\n". "join <group> - join group\n".
"login - Get a link to login to the web interface\n".
"drop <group> - leave group\n". "drop <group> - leave group\n".
"stats - get your stats\n". "stats - get your stats\n".
"stop - same as 'off'\n". "stop - same as 'off'\n".
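Review bot: In LoginCommand::execute() the value from `common_good_rand(16)` is a bearer credential for the account, and the message promises it is single-use and good for two minutes, yet nothing in this class records or enforces either limit. Both have to hold in the login action, and the "2 minutes" in the message should be built from the same constant the check uses so the two cannot drift apart. common_good_rand() is defined outside this diff, so confirm that it draws from a cryptographically secure source and has no weaker fallback. The old row is deleted and the new one inserted as two separate statements, so two concurrent 'login' commands for one user can presumably collide on the `user_id` primary key and end in the 'Could not create login token' error. The class has no docblock; a short one stating that it issues a one-time web login link over the current channel would help.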


@ -41,6 +41,12 @@ class CommandInterpreter
return null; return null;
} }
return new HelpCommand($user); return new HelpCommand($user);
case 'login':
if ($arg) {
return null;
} else {
return new LoginCommand($user);
}
case 'subscribers': case 'subscribers':
if ($arg) { if ($arg) {
return null; return null;


@ -88,6 +88,8 @@ class Router
$m->connect('doc/:title', array('action' => 'doc')); $m->connect('doc/:title', array('action' => 'doc'));
$m->connect('main/login?user_id=:user_id&token=:token', array('action'=>'login'), array('user_id'=> '[0-9]+', 'token'=>'.+'));
// main stuff is repetitive // main stuff is repetitive
$main = array('login', 'logout', 'register', 'subscribe', $main = array('login', 'logout', 'register', 'subscribe',
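Review bot: The requirement `'token'=>'.+'` on the new route accepts any non-empty string, although the schema stores the token in `char(32)`. Constraining it to the exact shape the generator emits (for example `'[0-9a-f]{32}'`, if common_good_rand(16) returns 32 hexadecimal characters, which this diff does not show) would reject malformed values before they reach the database lookup. The enclosing Router method starts and ends outside the hunk.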