[Nagvis-checkins] SF.net Git: nagvis: logging in by url parameters now supports onetime flag to prevent setting an auth cookie

[lars]

Author:   Lars Michelsen <l...@larsmichelsen.com>
Date:     Thu Apr 18 18:41:14 2013 +0200
Committer:   Lars Michelsen <l...@larsmichelsen.com>
Commit-Date: Thu Apr 18 18:41:14 2013 +0200

logging in by url parameters now supports onetime flag to prevent setting an 
auth cookie

---

 .../server/core/classes/CoreLogonDialogHandler.php |   15 ++++++++++-----
 1 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/share/server/core/classes/CoreLogonDialogHandler.php 
b/share/server/core/classes/CoreLogonDialogHandler.php
index e31ce53..4440573 100644
--- a/share/server/core/classes/CoreLogonDialogHandler.php
+++ b/share/server/core/classes/CoreLogonDialogHandler.php
@@ -39,8 +39,10 @@ class CoreLogonDialogHandler {
                 // Try to authenticate the user
                 $result = $AUTH->isAuthenticated();
                 if($result === true) {
-                    // Success: Store in session
-                    $AUTH->storeInSession();
+                    if(!isset($data['onetime'])) {
+                        // Success: Store in session
+                        $AUTH->storeInSession();
+                    }
                     return true;
                 } else {
                     throw new FieldInputError(null, l('Authentication 
failed.'));
@@ -59,9 +61,6 @@ class CoreLogonDialogHandler {
     }
 
     private function handleResponseAuth() {
-        $attr = Array('_username' => MATCH_USER_NAME,
-                      '_password' => null);
-
         $FHANDLER = new CoreRequestHandler(array_merge($_GET, $_POST));
 
         // Don't try to auth if one of the vars is missing
@@ -79,6 +78,12 @@ class CoreLogonDialogHandler {
         
         $a = Array('user'     => $FHANDLER->get('_username'),
                    'password' => $FHANDLER->get('_password'));
+
+        // It is possible to only request onetime access to prevent getting 
added
+        // and authentication cookie
+        if(isset($_REQUEST['_onetime'])) {
+            $a['onetime'] = true;
+        }
     
         // Remove authentication infos. Hide it from the following code
         if(isset($_REQUEST['_username']))


------------------------------------------------------------------------------
Precog is a next-generation analytics platform capable of advanced
analytics on semi-structured data. The platform includes APIs for building
apps and a phenomenal toolset for data science. Developers can use
our toolset for easy data analysis & visualization. Get a free account!
http://www2.precog.com/precogplatform/slashdotnewsletter
_______________________________________________
Nagvis-checkins mailing list
Nagvis-checkins@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagvis-checkins