Delete captcha session only when authentication process is finished (#788)
This commit is contained in:
parent
68c9968f3d
commit
a31663cf38
@ -71,7 +71,7 @@ use Digest::MD5;
|
|||||||
#inherits Apache::Session
|
#inherits Apache::Session
|
||||||
#link Lemonldap::NG::Common::Apache::Session::SOAP protected globalStorage
|
#link Lemonldap::NG::Common::Apache::Session::SOAP protected globalStorage
|
||||||
|
|
||||||
our $VERSION = '1.4.2';
|
our $VERSION = '1.4.4';
|
||||||
|
|
||||||
use base qw(Lemonldap::NG::Common::CGI Exporter);
|
use base qw(Lemonldap::NG::Common::CGI Exporter);
|
||||||
our @ISA;
|
our @ISA;
|
||||||
@ -657,14 +657,6 @@ sub checkCaptcha {
|
|||||||
}
|
}
|
||||||
);
|
);
|
||||||
|
|
||||||
# Remove captcha session (will not be used anymore)
|
|
||||||
if ( $captcha->removeSession ) {
|
|
||||||
$self->lmLog( "Code $code match captcha $ccode", 'debug' );
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$self->lmLog( "Unable to remove captcha session $ccode", 'warn' );
|
|
||||||
}
|
|
||||||
|
|
||||||
# Check code
|
# Check code
|
||||||
if ( $captcha && $captcha->code ) {
|
if ( $captcha && $captcha->code ) {
|
||||||
|
|
||||||
@ -678,6 +670,34 @@ sub checkCaptcha {
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
## @method int removeCaptcha(ccode)
|
||||||
|
# Remove captcha session
|
||||||
|
# @param captcha code generated by Authen::Captcha
|
||||||
|
# @return a constant
|
||||||
|
sub removeCaptcha {
|
||||||
|
my ( $self, $ccode ) = splice @_;
|
||||||
|
|
||||||
|
# Get captcha object
|
||||||
|
my $captcha = Lemonldap::NG::Common::Captcha->new(
|
||||||
|
{
|
||||||
|
storageModule => $self->{captchaStorage},
|
||||||
|
storageModuleOptions => $self->{captchaStorageOptions},
|
||||||
|
md5 => $ccode,
|
||||||
|
size => $self->{captcha_size},
|
||||||
|
}
|
||||||
|
);
|
||||||
|
|
||||||
|
# Remove captcha session (will not be used anymore)
|
||||||
|
if ( $captcha->removeSession ) {
|
||||||
|
$self->lmLog( "Captcha session $ccode removed", 'debug' );
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$self->lmLog( "Unable to remove captcha session $ccode", 'warn' );
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
## @method boolean isTrustedUrl(string url)
|
## @method boolean isTrustedUrl(string url)
|
||||||
# Check if an URL's domain name is declared in LL::NG config or is declared as trusted domain
|
# Check if an URL's domain name is declared in LL::NG config or is declared as trusted domain
|
||||||
# @param url Parameter url
|
# @param url Parameter url
|
||||||
@ -1654,9 +1674,8 @@ sub controlExistingSession {
|
|||||||
'debug'
|
'debug'
|
||||||
);
|
);
|
||||||
|
|
||||||
if (
|
if ( $self->{sessionInfo}->{'_auth'} ne
|
||||||
$self->{sessionInfo}->{'_auth'} ne $self->get_module('auth')
|
$self->get_module('auth') )
|
||||||
)
|
|
||||||
{
|
{
|
||||||
my $module_name = 'Lemonldap::NG::Portal::Auth'
|
my $module_name = 'Lemonldap::NG::Portal::Auth'
|
||||||
. $self->{sessionInfo}->{_auth};
|
. $self->{sessionInfo}->{_auth};
|
||||||
@ -2370,6 +2389,11 @@ sub store {
|
|||||||
sub authFinish {
|
sub authFinish {
|
||||||
my $self = shift;
|
my $self = shift;
|
||||||
|
|
||||||
|
# Remove captcha session
|
||||||
|
if ( $self->{captcha_check_code} ) {
|
||||||
|
$self->removeCaptcha( $self->{captcha_check_code} );
|
||||||
|
}
|
||||||
|
|
||||||
eval { $self->{error} = $self->SUPER::authFinish; };
|
eval { $self->{error} = $self->SUPER::authFinish; };
|
||||||
if ($@) {
|
if ($@) {
|
||||||
$self->lmLog(
|
$self->lmLog(
|
||||||
|
Loading…
Reference in New Issue
Block a user