fix: [security] Properly validate new auth key
parent
7f2aec7f34
commit
b057426b9f
@ -1,24 +1,20 @@
<?php
<?php
App::uses('AppModel', 'Model');
App::uses('AppModel', 'Model');
App::uses('RandomTool', 'Tools');
App::uses('RandomTool', 'Tools');
/**
* @property User $User
*/
class AuthKey extends AppModel
class AuthKey extends AppModel
{
{
public $recursive = -1;
public $recursive = -1;
public $actsAs = array(
public $actsAs = array(
'SysLogLogable.SysLogLogable' => array(
'SysLogLogable.SysLogLogable' => array(
'userModel' => 'User',
'userModel' => 'User',
'userKey' => 'user_id',
'userKey' => 'user_id',
'change' => 'full'),
'change' => 'full'),
'Containable',
'Containable',
);
public $validate = array(
'json' => array(
'isValidJson' => array(
'rule' => array('isValidJson'),
)
)
);
);
public $belongsTo = array(
public $belongsTo = array(
@ -44,7 +40,7 @@ class AuthKey extends AppModel
} else {
} else {
$authkey = $this->data['AuthKey']['authkey'];
$authkey = $this->data['AuthKey']['authkey'];
}
}
$passwordHasher = new BlowfishPasswordHasher();
$passwordHasher = $this->getHasher();
$this->data['AuthKey']['authkey'] = $passwordHasher->hash($authkey);
$this->data['AuthKey']['authkey'] = $passwordHasher->hash($authkey);
$this->data['AuthKey']['authkey_start'] = substr($authkey, 0, 4);
$this->data['AuthKey']['authkey_start'] = substr($authkey, 0, 4);
$this->data['AuthKey']['authkey_end'] = substr($authkey, -4);
$this->data['AuthKey']['authkey_end'] = substr($authkey, -4);
@ -65,6 +61,7 @@ class AuthKey extends AppModel
$end = substr($authkey, -4);
$end = substr($authkey, -4);
$existing_authkeys = $this->find('all', [
$existing_authkeys = $this->find('all', [
'recursive' => -1,
'recursive' => -1,
'fields' => ['authkey', 'user_id'],
'conditions' => [
'conditions' => [
'OR' => [
'OR' => [
'expiration >' => time(),
'expiration >' => time(),
@ -74,8 +71,9 @@ class AuthKey extends AppModel
'authkey_end' => $end,
'authkey_end' => $end,
]
]
]);
]);
$passwordHasher = $this->getHasher();
foreach ($existing_authkeys as $existing_authkey) {
foreach ($existing_authkeys as $existing_authkey) {
if (Security::hash($authkey, 'blowfish', $existing_authkey['AuthKey']['authkey'])) {
if ($passwordHasher->check($authkey, $existing_authkey['AuthKey']['authkey'])) {
return $this->User->getAuthUser($existing_authkey['AuthKey']['user_id']);
return $this->User->getAuthUser($existing_authkey['AuthKey']['user_id']);
}
}
}
}
@ -110,4 +108,12 @@ class AuthKey extends AppModel
return false;
return false;
}
}
}
}
/**
* @return AbstractPasswordHasher
*/
private function getHasher()
{
return new BlowfishPasswordHasher();
}
}
}
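Review bot: In the `else` branch at the top of the second hunk (`@ -44,7 +40,7 @@`) the key that gets hashed is taken verbatim from `$this->data['AuthKey']['authkey']`, and the next two lines then persist four plaintext characters from each end of it in `authkey_start`/`authkey_end`; nothing in that hunk bounds the key's length or alphabet, so a short or low-entropy caller-supplied key would leave little beyond those eight stored characters to guess. The `if` branch and any validation that runs before it sit above the hunk, so this may already be enforced elsewhere in the model; if it is not, reject the key before hashing it (require at least the length and character set of the keys `RandomTool` generates) and add a test that a too-short key is refused while a generated key still round-trips through the `check()` loop in the fourth hunk. I would also put a one-line comment on the two `substr()` assignments, e.g. `// plaintext lookup index only: must stay at a few characters so it does not weaken the bcrypt hash above`, so the next maintainer does not widen those columns.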