MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

fix: [internal] Properly set login times for custom auth

pull/6519/head
Jakub Onderka 2020-10-29 17:07:47 +01:00
parent 3c8b9c0fe4
commit 5a4ba9cbc1
3 changed files with 21 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Controller/AppController.php
View File

@ -1101,6 +1101,7 @@ class AppController extends Controller
if ($user['User']) {
unset($user['User']['gpgkey']);
unset($user['User']['certif_public']);
$this->User->updateLoginTimes($user['User']);
$this->Session->renew();
$this->Session->write(AuthComponent::$sessionKey, $user['User']);
if (Configure::read('MISP.log_auth')) {
@ -1189,6 +1190,7 @@ class AppController extends Controller
if ($this->Auth->startup($this)) {
$user = $this->Auth->user();
if ($user) {
$this->User->updateLoginTimes($user);
// User found in the db, add the user info to the session
$this->Session->renew();
$this->Session->write(AuthComponent::$sessionKey, $user);

8
app/Controller/UsersController.php
View File

@ -1231,13 +1231,7 @@ class UsersController extends AppController
));
$lastUserLogin = $user['User']['last_login'];
unset($user['User']['password']);
$user['User']['action'] = 'login';
$user['User']['last_login'] = $this->Auth->user('current_login');
$user['User']['current_login'] = time();
$this->User->save($user['User'], true, array('id', 'last_login', 'current_login'));
if (empty($this->Auth->authenticate['Form']['passwordHasher']) && !empty($passwordToSave)) {
$this->User->saveField('password', $passwordToSave);
}
$this->User->updateLoginTimes($user['User']);
$this->User->Behaviors->enable('SysLogLogable.SysLogLogable');
if ($lastUserLogin) {
$readableDatetime = (new DateTime())->setTimestamp($lastUserLogin)->format('D, d M y H:i:s O'); // RFC822

18
app/Model/User.php
View File

@ -1324,6 +1324,24 @@ class User extends AppModel
}
}
/**
* Updates `current_login` and `last_login` time in database.
*
* @param array $user
* @return array|bool
* @throws Exception
*/
public function updateLoginTimes(array $user)
{
if (!isset($user['id'])) {
throw new InvalidArgumentException("Invalid user object provided.");
}
$user['action'] = 'login'; // for afterSave callbacks
$user['last_login'] = $user['current_login'];
$user['current_login'] = time();
return $this->save($user, true, array('id', 'last_login', 'current_login'));
}
/**
* Initialize GPG. Returns `null` if initialization failed.
*