r35932 MediaWiki - Code Review archive

Repository:MediaWiki
Revision:r35931‎ | r35932 | r35933 >
Date:14:50, 5 June 2008
Author:tstarling
Status:old
Tags:
Comment:
* Fix bug 14347: set CentralAuth cookies on UserSetCookies, instead of after the cookie check. This also means that it's unnecessary to set global cookies in UserSetPassword, since the relevant UI component will call UserSetCookies.
* Allow sending of CentralAuth cookies with no domain, by making a distinction between $wgCentralAuthCookieDomain=false and $wgCentralAuthCookieDomain=''. Requiring a domain to be set interfered with my test setup.
Modified paths:
  • /trunk/extensions/CentralAuth/CentralAuth.php (modified) (history)
  • /trunk/extensions/CentralAuth/CentralAuthHooks.php (modified) (history)
  • /trunk/extensions/CentralAuth/CentralAuthUser.php (modified) (history)

Diff [purge]

Index: trunk/extensions/CentralAuth/CentralAuthUser.php
@@ -1464,13 +1464,6 @@
14651465
14661466 // Reset the auth token.
14671467 $this->resetAuthToken();
1468 -
1469 - // Set cookies if this is the currently logged-in user
1470 - global $wgUser;
1471 - if ( isset( $wgUser->centralAuthObj ) && $wgUser->centralAuthObj === $this ) {
1472 - $this->setGlobalCookies();
1473 - }
1474 -
14751468 $this->invalidateCache();
14761469 return true;
14771470 }
Index: trunk/extensions/CentralAuth/CentralAuth.php
@@ -54,10 +54,10 @@
5555 * For instance, '.wikipedia.org' to work on all wikipedia.org subdomains
5656 * instead of just the current one.
5757 *
58 - * Leave blank to set the cookie for the current domain only, such as if
 58+ * Leave false to set the cookie for the current domain only, such as if
5959 * all your wikis are hosted on the same subdomain.
6060 */
61 -$wgCentralAuthCookieDomain = '';
 61+$wgCentralAuthCookieDomain = false;
6262
6363 /**
6464 * Prefix for CentralAuth global authentication cookies.
Index: trunk/extensions/CentralAuth/CentralAuthHooks.php
@@ -95,9 +95,7 @@
9696
9797 $centralUser = CentralAuthUser::getInstance( $user );
9898
99 - if ($centralUser->exists() && $centralUser->isAttached()) {
100 - $centralUser->setGlobalCookies($user);
101 - } else {
 99+ if (!$centralUser->exists() || !$centralUser->isAttached()) {
102100 return true;
103101 }
104102
@@ -450,14 +448,22 @@
451449 */
452450 static function onUserSetCookies( $user, &$session, &$cookies ) {
453451 global $wgCentralAuthCookies, $wgCentralAuthCookieDomain;
454 - if ( !$wgCentralAuthCookies || !$wgCentralAuthCookieDomain || $user->isAnon() ) {
 452+ if ( !$wgCentralAuthCookies || $wgCentralAuthCookieDomain === false || $user->isAnon() ) {
455453 return true;
456454 }
457455 $centralUser = CentralAuthUser::getInstance( $user );
458 - if ( $centralUser->isAttached() ) {
459 - unset( $session['wsToken'] );
 456+ if ( !$centralUser->isAttached() ) {
 457+ return true;
 458+ }
 459+
 460+ unset( $session['wsToken'] );
 461+ if ( !empty( $cookies['Token'] ) ) {
460462 unset( $cookies['Token'] );
 463+ $remember = true;
 464+ } else {
 465+ $remember = false;
461466 }
 467+ $centralUser->setGlobalCookies( $remember );
462468 return true;
463469 }
464470

Follow-up revisions

RevisionCommit summaryAuthorDate
r35959* Fix regression in cookies from r35932: allow empty $wgCentralAuthCookieDoma...brion23:59, 5 June 2008

Status & tagging log