- #138 clear character authentication data on sold characters
This commit is contained in:
Exodus4D
@@ -68,6 +68,7 @@ class Sso extends Api\User{
|
||||
|
||||
/**
|
||||
* redirect user to CCP SSO page and request authorization
|
||||
* -> cf. Controller->getCookieCharacters() ( equivalent cookie based login)
|
||||
* @param \Base $f3
|
||||
*/
|
||||
public function requestAuthorization($f3){
|
||||
@@ -89,27 +90,34 @@ class Sso extends Api\User{
|
||||
$character = Model\BasicModel::getNew('CharacterModel');
|
||||
$character->getById($characterId, 0);
|
||||
|
||||
// check if character is valid and exists
|
||||
if(
|
||||
!$character->dry() &&
|
||||
$character->hasUserCharacter() &&
|
||||
($activeCharacter->getUser()->id === $character->getUser()->id)
|
||||
($activeCharacter->getUser()->_id === $character->getUser()->_id)
|
||||
){
|
||||
// requested character belongs to current user
|
||||
// -> update character vom CREST (e.g. corp changed,..)
|
||||
$updateStatus = $character->updateFromCrest();
|
||||
|
||||
if(
|
||||
empty($updateStatus) &&
|
||||
$character->hasUserCharacter() &&
|
||||
$character->isAuthorized()
|
||||
){
|
||||
$loginCheck = $this->loginByCharacter($character);
|
||||
if( empty($updateStatus) ){
|
||||
|
||||
if($loginCheck){
|
||||
// set "login" cookie
|
||||
$this->setLoginCookie($character);
|
||||
// route to "map"
|
||||
$f3->reroute('@map');
|
||||
// make sure character data is up2date!
|
||||
// -> this is not the case if e.g. userCharacters was removed "ownerHash" changed...
|
||||
$character->getById($character->_id);
|
||||
|
||||
if(
|
||||
$character->hasUserCharacter() &&
|
||||
$character->isAuthorized()
|
||||
){
|
||||
$loginCheck = $this->loginByCharacter($character);
|
||||
|
||||
if($loginCheck){
|
||||
// set "login" cookie
|
||||
$this->setLoginCookie($character);
|
||||
// route to "map"
|
||||
$f3->reroute('@map');
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -113,7 +113,7 @@ class Controller {
|
||||
* init new Session handler
|
||||
*/
|
||||
protected function initSession(){
|
||||
// init DB Session (not file based)
|
||||
// init DB based Session (not file based)
|
||||
if( $this->getDB('PF') instanceof DB\SQL){
|
||||
new DB\SQL\Session($this->getDB('PF'));
|
||||
}
|
||||
@@ -213,6 +213,7 @@ class Controller {
|
||||
* get characters from given cookie data
|
||||
* -> validate cookie data
|
||||
* -> validate characters
|
||||
* -> cf. Sso->requestAuthorization() ( equivalent DB based login)
|
||||
* @param array $cookieData
|
||||
* @return array
|
||||
* @throws \Exception
|
||||
@@ -254,18 +255,23 @@ class Controller {
|
||||
/**
|
||||
* @var $character Model\CharacterModel
|
||||
*/
|
||||
$character = $characterAuth->characterId;
|
||||
$updateStatus = $character->updateFromCrest();
|
||||
$updateStatus = $characterAuth->characterId->updateFromCrest();
|
||||
|
||||
// check if character still has user (is not the case of "ownerHash" changed
|
||||
// check if character is still authorized to log in (e.g. corp/ally or config has changed
|
||||
// -> do NOT remove cookie on failure. This can be a temporary problem (e.g. CREST is down,..)
|
||||
if(
|
||||
empty($updateStatus) &&
|
||||
$character->hasUserCharacter() &&
|
||||
$character->isAuthorized()
|
||||
){
|
||||
$characters[$name] = $character;
|
||||
if( empty($updateStatus) ){
|
||||
// make sure character data is up2date!
|
||||
// -> this is not the case if e.g. userCharacters was removed "ownerHash" changed...
|
||||
$character = $characterAuth->rel('characterId');
|
||||
$character->getById($characterAuth->characterId->_id);
|
||||
|
||||
// check if character still has user (is not the case of "ownerHash" changed
|
||||
// check if character is still authorized to log in (e.g. corp/ally or config has changed
|
||||
// -> do NOT remove cookie on failure. This can be a temporary problem (e.g. CREST is down,..)
|
||||
if(
|
||||
$character->hasUserCharacter() &&
|
||||
$character->isAuthorized()
|
||||
){
|
||||
$characters[$name] = $character;
|
||||
}
|
||||
}
|
||||
}else{
|
||||
// clear existing authentication data from DB
|
||||
|
||||
@@ -156,12 +156,16 @@ class CharacterModel extends BasicModel {
|
||||
* @return string
|
||||
*/
|
||||
public function set_ownerHash($ownerHash){
|
||||
if (
|
||||
$this->hasUserCharacter() &&
|
||||
$this->ownerHash !== $ownerHash
|
||||
){
|
||||
$this->userCharacter->erase();
|
||||
|
||||
if( $this->ownerHash !== $ownerHash ){
|
||||
if( $this->hasUserCharacter() ){
|
||||
$this->userCharacter->erase();
|
||||
}
|
||||
|
||||
// delete all existing login-cookie data
|
||||
$this->logout();
|
||||
}
|
||||
|
||||
return $ownerHash;
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user