mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
Compare commits
2 Commits
801133bc64
...
d782a6c837
Author | SHA1 | Date | |
---|---|---|---|
|
d782a6c837 | ||
|
4b6c248296 |
@ -175,22 +175,8 @@ class CookieAuthenticationHandler implements AuthenticationHandler
|
|||||||
$this->cascadeInTo->logIn($member, false, $request);
|
$this->cascadeInTo->logIn($member, false, $request);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Renew the token
|
// Session renewal hook
|
||||||
Deprecation::withSuppressedNotice(fn() => $rememberLoginHash->renew());
|
$rememberLoginHash->extend('onAfterRenewSession');
|
||||||
|
|
||||||
// Send the new token to the client if it was changed
|
|
||||||
if ($rememberLoginHash->getToken()) {
|
|
||||||
$tokenExpiryDays = RememberLoginHash::config()->uninherited('token_expiry_days');
|
|
||||||
Cookie::set(
|
|
||||||
$this->getTokenCookieName(),
|
|
||||||
$member->ID . ':' . $rememberLoginHash->getToken(),
|
|
||||||
$tokenExpiryDays,
|
|
||||||
null,
|
|
||||||
null,
|
|
||||||
false,
|
|
||||||
true
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
// Audit logging hook
|
// Audit logging hook
|
||||||
$member->extend('memberAutoLoggedIn');
|
$member->extend('memberAutoLoggedIn');
|
||||||
|
@ -82,15 +82,6 @@ class RememberLoginHash extends DataObject
|
|||||||
*/
|
*/
|
||||||
private static $force_single_token = false;
|
private static $force_single_token = false;
|
||||||
|
|
||||||
/**
|
|
||||||
* If true, the token will be replaced during session renewal. This can cause unexpected
|
|
||||||
* logouts if the new token does not reach the client (e.g. due to a network error).
|
|
||||||
*
|
|
||||||
* This can be disabled as of CMS 5.3, and renewal will be removed entirely in CMS 6.
|
|
||||||
* @deprecated 5.3.0 Will be removed without equivalent functionality
|
|
||||||
*/
|
|
||||||
private static bool $replace_token_during_session_renewal = true;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The token used for the hash. Only present during the lifetime of the request
|
* The token used for the hash. Only present during the lifetime of the request
|
||||||
* that generates it, as the hash representation is stored in the database and
|
* that generates it, as the hash representation is stored in the database and
|
||||||
@ -201,28 +192,6 @@ class RememberLoginHash extends DataObject
|
|||||||
return $rememberLoginHash;
|
return $rememberLoginHash;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Generates a new hash for this member but keeps the device ID intact
|
|
||||||
*
|
|
||||||
* @deprecated 5.3.0 Will be removed without equivalent functionality
|
|
||||||
* @return RememberLoginHash
|
|
||||||
*/
|
|
||||||
public function renew()
|
|
||||||
{
|
|
||||||
// Only regenerate token if configured to do so
|
|
||||||
Deprecation::notice('5.3.0', 'Will be removed without equivalent functionality');
|
|
||||||
$replaceToken = RememberLoginHash::config()->get('replace_token_during_session_renewal');
|
|
||||||
if ($replaceToken) {
|
|
||||||
$hash = $this->getNewHash($this->Member());
|
|
||||||
$this->Hash = $hash;
|
|
||||||
}
|
|
||||||
|
|
||||||
$this->extend('onAfterRenewToken', $replaceToken);
|
|
||||||
$this->write();
|
|
||||||
|
|
||||||
return $this;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Deletes existing tokens for this member
|
* Deletes existing tokens for this member
|
||||||
* if logout_across_devices is true, all tokens are deleted, otherwise
|
* if logout_across_devices is true, all tokens are deleted, otherwise
|
||||||
|
Loading…
Reference in New Issue
Block a user