rejig Login::__construct() as only one arg is really needed
parent
6ad44679a7
commit
ce8c636eb5
@ -80,7 +80,7 @@ class AdminpasswordHandler extends PFAHandler {
|
||||
* check if old password is correct
|
||||
*/
|
||||
protected function _validate_oldpass($field, $val) {
|
||||
$l = new Login('admin', 'username');
|
||||
$l = new Login('admin');
|
||||
if ($l->login($this->id, $val)) {
|
||||
return true;
|
||||
}
|
||||
|
@ -3,11 +3,14 @@
|
||||
|
||||
class Login {
|
||||
private $table;
|
||||
private $id_field;
|
||||
|
||||
public function __construct(string $tableName, string $idField) {
|
||||
public function __construct(string $tableName) {
|
||||
$ok = ['mailbox', 'admin'];
|
||||
|
||||
if(!in_array($tableName, $ok)) {
|
||||
throw new \InvalidArgumentException("Unsupported tableName for login: " . $tableName);
|
||||
}
|
||||
$this->table = table_by_key($tableName);
|
||||
$this->id_field = $idField;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -19,7 +22,7 @@ class Login {
|
||||
*/
|
||||
public function login($username, $password): bool {
|
||||
$active = db_get_boolean(true);
|
||||
$query = "SELECT password FROM {$this->table} WHERE {$this->id_field} = :username AND active = :active";
|
||||
$query = "SELECT password FROM {$this->table} WHERE username = :username AND active = :active";
|
||||
|
||||
$values = array('username' => $username, 'active' => $active);
|
||||
|
||||
@ -45,7 +48,7 @@ class Login {
|
||||
* @throws Exception
|
||||
*/
|
||||
public function generatePasswordRecoveryCode(string $username) {
|
||||
$sql = "SELECT count(1) FROM {$this->table} WHERE {$this->id_field} = :username AND active = :active";
|
||||
$sql = "SELECT count(1) FROM {$this->table} WHERE username = :username AND active = :active";
|
||||
|
||||
$active = db_get_boolean(true);
|
||||
|
||||
@ -58,7 +61,7 @@ class Login {
|
||||
|
||||
if ($result) {
|
||||
$token = generate_password();
|
||||
$updatedRows = db_update($this->table, $this->id_field, $username, array(
|
||||
$updatedRows = db_update($this->table, 'username', $username, array(
|
||||
'token' => pacrypt($token),
|
||||
'token_validity' => date("Y-m-d H:i:s", strtotime('+ 1 hour')),
|
||||
));
|
||||
@ -85,9 +88,7 @@ class Login {
|
||||
public function changePassword($username, $new_password, $old_password): bool {
|
||||
list(/*NULL*/, $domain) = explode('@', $username);
|
||||
|
||||
$login = new Login($this->table, $this->id_field);
|
||||
|
||||
if (!$login->login($username, $old_password)) {
|
||||
if (!$this->login($username, $old_password)) {
|
||||
throw new \Exception(Config::Lang('pPassword_password_current_text_error'));
|
||||
}
|
||||
|
||||
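Review bot: The `username` key column is now hard-coded at three separate sites in Login (the SELECT in login(), the SELECT in generatePasswordRecoveryCode() and the db_update() call), and nothing states that both allowed tables are keyed on it. A single class constant, or a comment on the constructor such as `// both 'mailbox' and 'admin' are keyed on the username column`, would keep the three sites in step. Because the constructor's allowlist is what keeps the interpolated `{$this->table}` safe, I would also make the check strict: `if (!in_array($tableName, $ok, true)) {`. The +/- markers are lost on this page, so it is unclear whether `$this->id_field = $idField;` survives on the new side; if it does, it reads an undefined variable and should go together with the property. The bodies of login(), generatePasswordRecoveryCode() and changePassword() continue outside the hunks.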
|
@ -56,7 +56,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
|
||||
|
||||
$h = new AdminHandler();
|
||||
|
||||
$login = new Login('admin', $h->getId_field());
|
||||
$login = new Login('admin');
|
||||
if ($login->login($fUsername, $fPassword)) {
|
||||
init_session($fUsername, true);
|
||||
|
||||
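Review bot: `$h = new AdminHandler();` appears to stay in place (the hunk's old and new line counts are equal), although its only visible use, `$h->getId_field()`, is gone. Unless code outside the hunk still needs `$h`, the line should be dropped so that no handler is instantiated before the credentials are checked. The enclosing `if ($_SERVER['REQUEST_METHOD'] == "POST")` block starts and ends outside the hunk.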
|
@ -46,9 +46,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
|
||||
# (language preference cookie is processed even if username and/or password are invalid)
|
||||
}
|
||||
|
||||
$h = new MailboxHandler();
|
||||
|
||||
$login = new Login('mailbox', 'username');
|
||||
$login = new Login('mailbox');
|
||||
;
|
||||
if ($login->login($fUsername, $fPassword)) {
|
||||
init_session($fUsername, false);
|
||||
|
@ -70,12 +70,10 @@ if ($_SERVER['REQUEST_METHOD'] === "POST") {
|
||||
$tUsername = escape_string($username);
|
||||
|
||||
$table = $context === 'admin' ? 'admin' : 'mailbox';
|
||||
$login = new Login($table, 'username');
|
||||
$login = new Login($table);
|
||||
|
||||
$token = $login->generatePasswordRecoveryCode($tUsername);
|
||||
|
||||
$handler = $context === 'admin' ? new AdminHandler : new MailboxHandler;
|
||||
|
||||
if ($token !== false) {
|
||||
$table = table_by_key($context === 'users' ? 'mailbox' : 'admin');
|
||||
$row = db_query_one("SELECT * FROM $table WHERE username= :username", array('username' => $username));
|
||||
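Review bot: The two table selections in this hunk disagree on the fallback: `$context === 'admin' ? 'admin' : 'mailbox'` treats any unexpected context as mailbox, while `table_by_key($context === 'users' ? 'mailbox' : 'admin')` a few lines later treats it as admin. A context value that is neither would therefore generate the token against one table and read the row from the other. Validating `$context` once against the two expected values before either branch would remove the ambiguity; where `$context` is set is outside the hunk. Separately, `$tUsername = escape_string($username)` is handed to generatePasswordRecoveryCode(), which binds it as `:username`. Escaping a value that is then bound as a parameter is redundant and can stop a name containing an escaped character from matching, so passing `$username` directly, as the `db_query_one()` call below already does, would be more consistent.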
|
@ -57,9 +57,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
|
||||
$error += 1;
|
||||
}
|
||||
|
||||
$mh = new MailboxHandler();
|
||||
|
||||
$login = new Login('mailbox', 'username');
|
||||
$login = new Login('mailbox');
|
||||
|
||||
if (!$login->login($username, $fPassword_current)) {
|
||||
$error += 1;
|
||||
|
@ -45,8 +45,7 @@ $server = new Zend_XmlRpc_Server();
|
||||
* @return boolean true on success, else false.
|
||||
*/
|
||||
function login($username, $password) {
|
||||
$h = new MailboxHandler();
|
||||
$login = new Login('mailbox', 'username');
|
||||
$login = new Login('mailbox');
|
||||
if ($login->login($username, $password)) {
|
||||
session_regenerate_id();
|
||||
$_SESSION['authenticated'] = true;
|
||||
@ -86,7 +85,7 @@ class UserProxy {
|
||||
return false; // user doesn't exist.
|
||||
}
|
||||
|
||||
$login = new Login('mailbox', 'username');
|
||||
$login = new Login('mailbox');
|
||||
|
||||
try {
|
||||
return $login->changePassword($username, $new_password, $old_password);
|
||||
@ -101,7 +100,7 @@ class UserProxy {
|
||||
* @return boolean true if successful.
|
||||
*/
|
||||
public function login($username, $password) {
|
||||
$login = new Login('mailbox', 'username');
|
||||
$login = new Login('mailbox');
|
||||
return $login->login($username, $password);
|
||||
}
|
||||
}
|
||||
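Review bot: In the top-level login() the success path calls `session_regenerate_id();` with its default argument, which leaves the pre-login session data on the server under the old id. `session_regenerate_id(true);` would discard it at the point where the session becomes authenticated. UserProxy::login() returns the result of `$login->login()` directly and does no session handling in the visible lines, so it is worth confirming that callers go through the top-level function. All three function bodies start or end outside their hunks.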
|
@ -32,7 +32,7 @@ VALUES(:username, :password, :name, :maildir, :local_part, :domain)",
|
||||
}
|
||||
|
||||
public function testInvalidUsers() {
|
||||
$login = new Login('mailbox', 'username');
|
||||
$login = new Login('mailbox');
|
||||
|
||||
$this->assertFalse($login->login('test', 'password'));
|
||||
$this->assertFalse($login->login('test', ''));
|
||||
@ -41,7 +41,7 @@ VALUES(:username, :password, :name, :maildir, :local_part, :domain)",
|
||||
|
||||
|
||||
public function testValidLogin() {
|
||||
$login = new Login('mailbox', 'username');
|
||||
$login = new Login('mailbox');
|
||||
|
||||
$this->assertFalse($login->login('test', 'password'));
|
||||
$this->assertFalse($login->login('test', 'foobar'));
|
||||
@ -49,7 +49,7 @@ VALUES(:username, :password, :name, :maildir, :local_part, :domain)",
|
||||
}
|
||||
|
||||
public function testPasswordRecovery() {
|
||||
$login = new Login('mailbox', 'username');
|
||||
$login = new Login('mailbox');
|
||||
$this->assertFalse($login->generatePasswordRecoveryCode(''));
|
||||
$this->assertFalse($login->generatePasswordRecoveryCode('doesnotexist'));
|
||||
$this->assertNotEmpty($login->generatePasswordRecoveryCode('test@example.com'));
|
||||
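Review bot: Every test in these hunks constructs `new Login('mailbox')`, so neither the `admin` path nor the constructor's allowlist rejection is exercised. A case such as `$this->expectException(\InvalidArgumentException::class); new Login('nope');`, plus one login against the admin table, would pin the behaviour this commit now relies on. testValidLogin() also opens with two `assertFalse` calls; the positive assertion presumably follows outside the hunk, but that is worth checking.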
|