TheRON/core
1
0
Fork 0
mirror of https://framagit.org/hubzilla/core.git synced 2026-06-21 00:52:33 -04:00
Code Issues Packages Projects Releases Wiki Activity

magic-auth re-factor

Browse Source
This commit is contained in:
friendica
2013-12-02 17:35:44 -08:00
parent d9f67876dc
commit e0f4a76856
2 changed files with 123 additions and 174 deletions
Download Patch File Download Diff File Expand all files Collapse all files

78
mod/magic.php
View File

@@ -13,64 +13,20 @@ function magic_init(&$a) {
$dest = ((x($_REQUEST,'dest')) ? $_REQUEST['dest'] : '');
$rev = ((x($_REQUEST,'rev')) ? intval($_REQUEST['rev']) : 0);
if($hash) {
$x = q("select xchan.xchan_url, hubloc.* from xchan left join hubloc on xchan_hash = hubloc_hash
where hubloc_hash = '%s' and (hubloc_flags & %d) order by hubloc_id desc limit 1",
dbesc($hash),
intval(HUBLOC_FLAGS_PRIMARY)
);
}
elseif($addr) {
$x = q("select hubloc.* from xchan left join hubloc on xchan_hash = hubloc_hash
where xchan_addr = '%s' and (hubloc_flags & %d) order by hubloc_id desc limit 1",
dbesc($addr),
intval(HUBLOC_FLAGS_PRIMARY)
);
}
else {
// See if we know anybody at the dest site that will unlock the door for us
// This is the equivalent of buzzing every apartment in an apartment block
// to get inside the front gate. The thing about magic auth is that we're
// authenticating to the other site. Permissions provided by various
// channels will still affect what we can do once authenticated.
$parsed = parse_url($dest);
if(! $parsed)
goaway($dest);
$b = explode('/',$dest);
if(count($b) >= 2) {
$u = $b[0] . '//' . $b[2];
if(local_user()) {
// first look for a connection or anybody who knows us
$x = q("select xchan.xchan_url, hubloc.* from xchan left join hubloc on xchan_hash = hubloc_hash
left join abook on abook_xchan = hubloc_hash
where abook_channel = %d and hubloc_url = '%s' order by hubloc_id desc limit 5",
intval(local_user()),
dbesc($u)
);
}
if(! $x) {
// no luck - ok anybody will do
$x = q("select xchan.xchan_url, hubloc.* from xchan left join hubloc on xchan_hash = hubloc_hash
where hubloc_url = '%s' order by hubloc_id desc limit 5",
dbesc($u)
);
}
if($x) {
// They must have a valid hubloc_addr
while(! strpos($x[0]['hubloc_addr'],'@')) {
array_shift($x);
}
}
}
}
$basepath = $parsed['scheme'] . '://' . $parsed['host'] . (($parsed['port']) ? ':' . $parsed['port'] : '');
$x = q("select * from hubloc where hubloc_url = '%s' order by hubloc_connected desc limit 1"
dbesc($basepath)
);
if(! $x) {
// Finger them if they've never been seen here before
// Somebody new? Finger them if they've never been seen here before
if($addr) {
$ret = zot_finger($addr,null);
@@ -78,10 +34,11 @@ function magic_init(&$a) {
$j = json_decode($ret['body'],true);
if($j)
import_xchan($j);
$x = q("select hubloc.* from xchan left join hubloc on xchan_hash = hubloc_hash
where xchan_addr = '%s' and (hubloc_flags & %d) order by hubloc_id desc limit 1",
dbesc($addr),
intval(HUBLOC_FLAGS_PRIMARY)
// Now try again
$x = q("select * from hubloc where hubloc_url = '%s' order by hubloc_connected desc limit 1"
dbesc($basepath)
);
}
}
@@ -112,7 +69,7 @@ function magic_init(&$a) {
if(! $arr['proceed'])
goaway($dest);
if($x[0]['hubloc_url'] === z_root()) {
if((get_observer_hash()) && ($x[0]['hubloc_url'] === z_root())) {
// We are already authenticated on this site and a registered observer.
// Just redirect.
goaway($dest);
@@ -143,7 +100,6 @@ function magic_init(&$a) {
. '&sec=' . $token . '&dest=' . urlencode($dest) . '&version=' . ZOT_REVISION);
}
if(strpos($dest,'/'))
goaway($dest);
goaway(z_root());
goaway($dest);
}