mirror of
https://gerrit.wikimedia.org/r/mediawiki/extensions/OATHAuth
synced 2024-12-12 00:26:09 +00:00
a24d6adfbf
During the two-step login, users with OATH enabled need to have their login details saved into their session while we prompt them for their OATH code. This encrypts that data, so we don't write their user's password into our session storage. Change-Id: I9969871205ac5c438706df41ef1519cb4cd7a964
52 lines
1.4 KiB
PHP
52 lines
1.4 KiB
PHP
<?php
|
|
|
|
/**
|
|
* Proxy page that redirects to the proper OATH special page
|
|
*/
|
|
class SpecialOATH extends ProxySpecialPage {
|
|
/**
|
|
* If the user already has OATH enabled, show them a page to disable
|
|
* If the user has OATH disabled, show them a page to enable
|
|
*
|
|
* @return SpecialOATHDisable|SpecialOATHEnable|SpecialOATHLogin|SpecialPage
|
|
*/
|
|
protected function getTargetPage() {
|
|
$repo = OATHAuthHooks::getOATHUserRepository();
|
|
|
|
/** @var array $sessionUser */
|
|
$loginInfo = $this->getRequest()->getSessionData( 'oath_login' );
|
|
|
|
/** @var SpecialOATHDisable|SpecialOATHEnable|SpecialOATHLogin|SpecialPage $page */
|
|
$page = null;
|
|
if ( $this->getUser()->isAnon() && $loginInfo !== null ) {
|
|
// User is anonymous, so they are logging in
|
|
$loginInfo = OATHAuthUtils::decryptSessionData(
|
|
$loginInfo,
|
|
$this->getRequest()->getSessionData( 'oath_uid' )
|
|
);
|
|
$page = new SpecialOATHLogin(
|
|
$repo->findByUser( User::newFromName( $loginInfo['wpName'] ) ),
|
|
new DerivativeRequest(
|
|
$this->getRequest(),
|
|
$loginInfo,
|
|
$this->getRequest()->wasPosted()
|
|
)
|
|
);
|
|
} else {
|
|
$user = $repo->findByUser( $this->getUser() );
|
|
|
|
if ( $user->getKey() === null ) {
|
|
$page = new SpecialOATHEnable( $repo, $user );
|
|
} else {
|
|
$page = new SpecialOATHDisable( $repo, $user );
|
|
}
|
|
}
|
|
|
|
return $page;
|
|
}
|
|
|
|
protected function getGroupName() {
|
|
return 'oath';
|
|
}
|
|
}
|