Allow re-authentication with OpenID

"Rememberme" logins aren't allowed to make changes to an account (since cookie-stealing is too easy). Users have to re-authenticate. Previously, it was impossible to do so without having a username and password; this change lets you do it with OpenID, too.
2009-02-05 11:46:17 -05:00
parent a97f8f6a43
commit 7ad3ff4a2c
4 changed files with 29 additions and 4 deletions
--- a/classes/User.php
+++ b/classes/User.php
@@ -630,4 +630,15 @@ class User extends Memcached_DataObject

        return $profile;
    }
+
+    function hasOpenID()
+    {
+        $oid = new User_openid();
+
+        $oid->user_id = $this->id;
+
+        $cnt = $oid->find();
+
+        return ($cnt > 0);
+    }
 }