- fixed some "potential" login issues, #718
- improved error logging in case of failed login attempts - improved ESI "access token" handling
This commit is contained in:
Mark Friedrich
@@ -26,7 +26,7 @@ class AccessController extends Controller {
|
||||
if($return = parent::beforeroute($f3, $params)){
|
||||
// Any route/endpoint of a child class of this one,
|
||||
// requires a valid logged in user!
|
||||
if( !$this->isLoggedIn($f3) ){
|
||||
if($this->isLoggedIn($f3) !== 'OK'){
|
||||
// no character found or login timer expired
|
||||
$this->logoutCharacter($f3);
|
||||
// skip route handler and afterroute()
|
||||
@@ -40,51 +40,40 @@ class AccessController extends Controller {
|
||||
/**
|
||||
* get current character and check if it is a valid character
|
||||
* @param \Base $f3
|
||||
* @return bool
|
||||
* @return string
|
||||
* @throws \Exception
|
||||
*/
|
||||
protected function isLoggedIn(\Base $f3): bool {
|
||||
$loginCheck = false;
|
||||
if( $character = $this->getCharacter() ){
|
||||
if($this->checkLogTimer($f3, $character)){
|
||||
if($character->isAuthorized() === 'OK'){
|
||||
$loginCheck = true;
|
||||
protected function isLoggedIn(\Base $f3): string {
|
||||
$loginStatus = 'UNKNOWN';
|
||||
if($character = $this->getCharacter()){
|
||||
if($character->checkLoginTimer()){
|
||||
if(( $authStatus = $character->isAuthorized()) === 'OK'){
|
||||
$loginStatus = 'OK';
|
||||
}else{
|
||||
$loginStatus = $authStatus;
|
||||
}
|
||||
}else{
|
||||
$loginStatus = 'MAX LOGIN TIME EXCEEDED';
|
||||
}
|
||||
}else{
|
||||
$loginStatus = 'NO SESSION FOUND';
|
||||
}
|
||||
|
||||
return $loginCheck;
|
||||
}
|
||||
|
||||
/**
|
||||
* checks whether a user/character is currently logged in
|
||||
* @param \Base $f3
|
||||
* @param Model\CharacterModel $character
|
||||
* @return bool
|
||||
*/
|
||||
private function checkLogTimer(\Base $f3, Model\CharacterModel $character){
|
||||
$loginCheck = false;
|
||||
|
||||
// log character access status in debug mode
|
||||
if(
|
||||
!$character->dry() &&
|
||||
$character->lastLogin
|
||||
$loginStatus !== 'OK' &&
|
||||
$f3->get('DEBUG') === 3
|
||||
){
|
||||
// check logIn time
|
||||
$logInTime = new \DateTime($character->lastLogin);
|
||||
$now = new \DateTime();
|
||||
|
||||
$timeDiff = $now->diff($logInTime);
|
||||
|
||||
$minutes = $timeDiff->days * 60 * 24 * 60;
|
||||
$minutes += $timeDiff->h * 60;
|
||||
$minutes += $timeDiff->i;
|
||||
|
||||
if($minutes <= Config::getPathfinderData('timer.logged')){
|
||||
$loginCheck = true;
|
||||
}
|
||||
self::getLogger('CHARACTER_ACCESS')->write(
|
||||
sprintf(Model\CharacterModel::LOG_ACCESS,
|
||||
$character->_id ,
|
||||
$loginStatus,
|
||||
$character->name
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
return $loginCheck;
|
||||
return $loginStatus;
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
Reference in New Issue
Block a user