Delete captcha session only when authentication process is finished (#788)
This commit is contained in:
parent
68c9968f3d
commit
a31663cf38
|
@ -71,7 +71,7 @@ use Digest::MD5;
|
|||
#inherits Apache::Session
|
||||
#link Lemonldap::NG::Common::Apache::Session::SOAP protected globalStorage
|
||||
|
||||
our $VERSION = '1.4.2';
|
||||
our $VERSION = '1.4.4';
|
||||
|
||||
use base qw(Lemonldap::NG::Common::CGI Exporter);
|
||||
our @ISA;
|
||||
|
@ -657,14 +657,6 @@ sub checkCaptcha {
|
|||
}
|
||||
);
|
||||
|
||||
# Remove captcha session (will not be used anymore)
|
||||
if ( $captcha->removeSession ) {
|
||||
$self->lmLog( "Code $code match captcha $ccode", 'debug' );
|
||||
}
|
||||
else {
|
||||
$self->lmLog( "Unable to remove captcha session $ccode", 'warn' );
|
||||
}
|
||||
|
||||
# Check code
|
||||
if ( $captcha && $captcha->code ) {
|
||||
|
||||
|
@ -678,6 +670,34 @@ sub checkCaptcha {
|
|||
return 0;
|
||||
}
|
||||
|
||||
## @method int removeCaptcha(ccode)
|
||||
# Remove captcha session
|
||||
# @param captcha code generated by Authen::Captcha
|
||||
# @return a constant
|
||||
sub removeCaptcha {
|
||||
my ( $self, $ccode ) = splice @_;
|
||||
|
||||
# Get captcha object
|
||||
my $captcha = Lemonldap::NG::Common::Captcha->new(
|
||||
{
|
||||
storageModule => $self->{captchaStorage},
|
||||
storageModuleOptions => $self->{captchaStorageOptions},
|
||||
md5 => $ccode,
|
||||
size => $self->{captcha_size},
|
||||
}
|
||||
);
|
||||
|
||||
# Remove captcha session (will not be used anymore)
|
||||
if ( $captcha->removeSession ) {
|
||||
$self->lmLog( "Captcha session $ccode removed", 'debug' );
|
||||
return 0;
|
||||
}
|
||||
else {
|
||||
$self->lmLog( "Unable to remove captcha session $ccode", 'warn' );
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
|
||||
## @method boolean isTrustedUrl(string url)
|
||||
# Check if an URL's domain name is declared in LL::NG config or is declared as trusted domain
|
||||
# @param url Parameter url
|
||||
|
@ -1654,9 +1674,8 @@ sub controlExistingSession {
|
|||
'debug'
|
||||
);
|
||||
|
||||
if (
|
||||
$self->{sessionInfo}->{'_auth'} ne $self->get_module('auth')
|
||||
)
|
||||
if ( $self->{sessionInfo}->{'_auth'} ne
|
||||
$self->get_module('auth') )
|
||||
{
|
||||
my $module_name = 'Lemonldap::NG::Portal::Auth'
|
||||
. $self->{sessionInfo}->{_auth};
|
||||
|
@ -2370,6 +2389,11 @@ sub store {
|
|||
sub authFinish {
|
||||
my $self = shift;
|
||||
|
||||
# Remove captcha session
|
||||
if ( $self->{captcha_check_code} ) {
|
||||
$self->removeCaptcha( $self->{captcha_check_code} );
|
||||
}
|
||||
|
||||
eval { $self->{error} = $self->SUPER::authFinish; };
|
||||
if ($@) {
|
||||
$self->lmLog(
|
||||
|
|
Loading…
Reference in New Issue
Block a user