Rework generateAuthHash to take a force parameter so that it can be used to generate auth hashes for zmu

This commit is contained in:
Isaac Connor 2018-06-25 13:43:08 -04:00
parent 09aa3afaac
commit 99a97543f1
2 changed files with 12 additions and 12 deletions

View File

@ -103,13 +103,14 @@ function getAuthUser($auth) {
return false;
} // end getAuthUser($auth)
function generateAuthHash($useRemoteAddr) {
function generateAuthHash($useRemoteAddr, $force=false) {
$auth = '';
if ( ZM_OPT_USE_AUTH and ZM_AUTH_RELAY == 'hashed' and isset($_SESSION['username']) and $_SESSION['passwordHash'] ) {
# regenerate a hash at half the liftetime of a hash, an hour is 3600 so half is 1800
$time = time();
$mintime = $time - ( ZM_AUTH_HASH_TTL * 1800 );
if ( ( !isset($_SESSION['AuthHash']) ) or ( $_SESSION['AuthHashGeneratedAt'] < $mintime ) ) {
if ( $force or ( !isset($_SESSION['AuthHash']) ) or ( $_SESSION['AuthHashGeneratedAt'] < $mintime ) ) {
# Don't both regenerating Auth Hash if an hour hasn't gone by yet
$local_time = localtime();
$authKey = '';
@ -120,17 +121,16 @@ function generateAuthHash($useRemoteAddr) {
}
#Logger::Debug("Generated using hour:".$local_time[2] . ' mday:' . $local_time[3] . ' month:'.$local_time[4] . ' year: ' . $local_time[5] );
$auth = md5($authKey);
session_start();
$_SESSION['AuthHash'] = $auth;
$_SESSION['AuthHashGeneratedAt'] = $time;
session_write_close();
if ( ! $force ) {
session_start();
$_SESSION['AuthHash'] = $auth;
$_SESSION['AuthHashGeneratedAt'] = $time;
session_write_close();
}
#Logger::Debug("Generated new auth $auth at " . $_SESSION['AuthHashGeneratedAt']. " using $authKey" );
#} else {
#} else {
#Logger::Debug("Using cached auth " . $_SESSION['AuthHash'] ." beacuse generatedat:" . $_SESSION['AuthHashGeneratedAt'] . ' < now:'. $time . ' - ' . ZM_AUTH_HASH_TTL . ' * 1800 = '. $mintime);
} # end if AuthHash is not cached
return $_SESSION['AuthHash'];
} else {
$auth = '';
}
return $auth;
}

View File

@ -334,11 +334,11 @@ function getZmuCommand( $args ) {
if ( ZM_OPT_USE_AUTH ) {
if ( ZM_AUTH_RELAY == 'hashed' ) {
$zmuCommand .= ' -A '.generateAuthHash( false );
$zmuCommand .= ' -A '.generateAuthHash(false, true);
} elseif ( ZM_AUTH_RELAY == 'plain' ) {
$zmuCommand .= ' -U ' .escapeshellarg($_SESSION['username']).' -P '.escapeshellarg($_SESSION['password']);
} elseif ( ZM_AUTH_RELAY == 'none' ) {
$zmuCommand .= " -U ".escapeshellarg($_SESSION['username']);
$zmuCommand .= ' -U '.escapeshellarg($_SESSION['username']);
}
}