further improvements on multiple login token support

outdated tokens are deleted before checking against cookies if an invalid token is used we delete all stored tokens for saveness used token will be replaced by a new one after successful authentication

further improvements on multiple login token support
45f1c3f1 · Michael Göhler · ee5d0f32 · 45f1c3f1
Commit 45f1c3f1 authored 12 years ago by Michael Göhler
--- a/lib/base.php
+++ b/lib/base.php
@@ -536,15 +536,25 @@ class OC{
 		}
 		// confirm credentials in cookie
 		if(isset($_COOKIE['oc_token']) && OC_User::userExists($_COOKIE['oc_username'])) {
+			// delete outdated cookies
+			cleanupLoginTokens($_COOKIE['oc_username']);
+			// get new tokens
 			$tokens = OC_Preferences::getKeys($_COOKIE['oc_username'], 'login_token');
-			$tokens[] = OC_Preferences::getValue($_COOKIE['oc_username'], 'login', 'token');
+			// test cookies token against stored tokens
 			if (in_array($_COOKIE['oc_token'], $tokens, true)) {
-				self::cleanupLoginTokens($_COOKIE['oc_username']);
+				// replace successfully used token with a new one
+				OC_Preferences::deleteKey($_POST['user'], 'login_token', $_COOKIE['oc_token']);
+				$token = md5($_POST["user"].OC_Util::generate_random_bytes(10).$_COOKIE['oc_token']);
+				OC_Preferences::setValue($_POST['user'], 'login_token', $token, time());
+				OC_User::setMagicInCookie($_POST['user'], $token);
+				// login
 				OC_User::setUserId($_COOKIE['oc_username']);
 				OC_Util::redirectToDefaultPage();
 				// doesn't return
 			}
-			OC_Preferences::deleteKey($_POST['user'], 'login_token', $_COOKIE['oc_token']);
+			// if you reach this point you are an attacker
+			// we remove all tokens to be save
+			OC_Preferences::deleteApp($_POST['user'], 'login_token');
 		}
 		OC_User::unsetMagicInCookie();
 		return true;