mirror of https://github.com/MISP/MISP
audit log & terms
do not handle a timed out user log. and better check on login and termsaccepted.pull/63/head
parent
3c18db7dcd
commit
80571386ad
|
@ -65,7 +65,7 @@ class AppController extends Controller {
|
|||
|
||||
public function beforeFilter() {
|
||||
// user must accept terms
|
||||
if (($this->Auth->user() != null) && is_numeric($this->Auth->user('id')) && !$this->Auth->user('termsaccepted') && (!in_array($this->request->here, array('/users/terms', '/users/logout', '/users/login')))) {
|
||||
if ($this->Session->check('User') && !$this->Auth->user('termsaccepted') && (!in_array($this->request->here, array('/users/terms', '/users/logout', '/users/login')))) {
|
||||
$this->redirect(array('controller' => 'users', 'action' => 'terms'));
|
||||
}
|
||||
|
||||
|
|
|
@ -321,7 +321,9 @@ class UsersController extends AppController {
|
|||
}
|
||||
|
||||
public function logout() {
|
||||
$this->extraLog("logout"); // TODO Audit, extraLog, check: customLog i.s.o. extraLog, $this->User->customLog('logout', $this->Auth->user('id'), array());
|
||||
if ($this->Session->check('User')) { // TODO session, user is logged in, so ..
|
||||
$this->extraLog("logout"); // TODO Audit, extraLog, check: customLog i.s.o. extraLog, $this->User->customLog('logout', $this->Auth->user('id'), array());
|
||||
}
|
||||
$this->Session->setFlash(__('Good-Bye'));
|
||||
$this->redirect($this->Auth->logout());
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue