Aaron Schulz has uploaded a new change for review.
https://gerrit.wikimedia.org/r/64098
Change subject: Bumped token expiry times a bit.
......................................................................
Bumped token expiry times a bit.
* Also removed memcached add() loop, which is overkill since
the token has high entropy (128 bits), even more than v4 UUID.
* Swapped set() for add() in a few places just for sanity/consistency.
Change-Id: I39ee3fffcc531808996b55914b233c379a3b9f9b
---
M CentralAuthHooks.php
M specials/SpecialCentralAutoLogin.php
M specials/SpecialCentralLogin.php
3 files changed, 9 insertions(+), 9 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/CentralAuth
refs/changes/98/64098/1
diff --git a/CentralAuthHooks.php b/CentralAuthHooks.php
index 36cbd03..b5f1a3f 100644
--- a/CentralAuthHooks.php
+++ b/CentralAuthHooks.php
@@ -201,7 +201,7 @@
);
$loginToken = MWCryptRand::generateHex( 32 );
- $wgMemc->set( CentralAuthUser::memcKey( 'login-token',
$loginToken ), $data, 600 );
+ $wgMemc->add( CentralAuthUser::memcKey( 'login-token',
$loginToken ), $data, 600 );
$wiki = WikiMap::getWiki( $wiki );
// Use WikiReference::getFullUrl(), returns a
protocol-relative URL if needed
@@ -275,7 +275,7 @@
'guid' => $centralUser->getId(),
'wikiId' => wfWikiId()
);
- $wgMemc->set( $key, $data, 15 );
+ $wgMemc->add( $key, $data, 60 );
$wiki = WikiMap::getWiki( $wgCentralAuthLoginWiki );
// Use WikiReference::getFullUrl(), returns a
protocol-relative URL if needed
@@ -452,7 +452,7 @@
);
$loginToken = MWCryptRand::generateHex( 32 );
global $wgMemc;
- $wgMemc->set( CentralAuthUser::memcKey( 'login-token',
$loginToken ), $data, 600 );
+ $wgMemc->add( CentralAuthUser::memcKey( 'login-token',
$loginToken ), $data, 600 );
$wiki = WikiMap::getWiki( $wiki );
// Use WikiReference::getFullUrl(), returns a
protocol-relative URL if needed
diff --git a/specials/SpecialCentralAutoLogin.php
b/specials/SpecialCentralAutoLogin.php
index 6d89a13..f9bd99d 100644
--- a/specials/SpecialCentralAutoLogin.php
+++ b/specials/SpecialCentralAutoLogin.php
@@ -102,10 +102,10 @@
'gu_id' => $gu_id,
'wikiid' => $wikiid,
);
- do {
- $token = MWCryptRand::generateHex( 32 );
- $key = CentralAuthUser::memcKey(
'centralautologin-token', $token, $wikiid );
- } while ( !$wgMemc->add( $key, $memcData, 10 ) );
+
+ $token = MWCryptRand::generateHex( 32 );
+ $key = CentralAuthUser::memcKey(
'centralautologin-token', $token, $wikiid );
+ $wgMemc->add( $key, $memcData, 60 );
// Save memc token for L2
$this->getRequest()->setSessionData(
'centralautologin-token', $token );
@@ -164,7 +164,7 @@
'userName' => $centralUser->getName(),
'token' => $centralUser->getAuthToken(),
);
- $wgMemc->set( $key, $memcData, 10 );
+ $wgMemc->set( $key, $memcData, 60 );
$data = array(
'status' => 'ok',
diff --git a/specials/SpecialCentralLogin.php b/specials/SpecialCentralLogin.php
index f01ce22..ac20bab 100644
--- a/specials/SpecialCentralLogin.php
+++ b/specials/SpecialCentralLogin.php
@@ -91,7 +91,7 @@
'sessionId' => $newSessionId,
'secret' => $info['secret'] // should match the
login attempt secret
);
- $wgMemc->set( $key, $data, 15 );
+ $wgMemc->add( $key, $data, 60 );
$wiki = WikiMap::getWiki( $info['wikiId'] );
// Use WikiReference::getFullUrl(), returns a protocol-relative
URL if needed
--
To view, visit https://gerrit.wikimedia.org/r/64098
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I39ee3fffcc531808996b55914b233c379a3b9f9b
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/CentralAuth
Gerrit-Branch: master
Gerrit-Owner: Aaron Schulz <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
