Consolidate use of magical cookie name strings

Summary: Ref T4339. We have more magical cookie names than we should; move them all to a central location.

Test Plan: Registered, logged in, linked account, logged out. See inlines.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4339

Differential Revision: https://secure.phabricator.com/D8041
epriestley
2014-01-23 14:01:35 -08:00
parent 02aa193cb0
commit 0727418023
15 changed files with 116 additions and 46 deletions


@@ -88,8 +88,12 @@ abstract class PhabricatorAuthController extends PhabricatorController {
// there's no check for users being disabled here.
$request = $this->getRequest();
$request->setCookie('phusr', $user->getUsername());
$request->setCookie('phsid', $session_key);
$request->setCookie(
PhabricatorCookies::COOKIE_USERNAME,
$user->getUsername());
$request->setCookie(
PhabricatorCookies::COOKIE_SESSION,
$session_key);
$this->clearRegistrationCookies();
}
@@ -101,15 +105,15 @@ abstract class PhabricatorAuthController extends PhabricatorController {
$request = $this->getRequest();
// Clear the registration key.
$request->clearCookie('phreg');
$request->clearCookie(PhabricatorCookies::COOKIE_REGISTRATION);
// Clear the client ID / OAuth state key.
$request->clearCookie('phcid');
$request->clearCookie(PhabricatorCookies::COOKIE_CLIENTID);
}
private function buildLoginValidateResponse(PhabricatorUser $user) {
$validate_uri = new PhutilURI($this->getApplicationURI('validate/'));
$validate_uri->setQueryParam('phusr', $user->getUsername());
$validate_uri->setQueryParam('expect', $user->getUsername());
return id(new AphrontRedirectResponse())->setURI((string)$validate_uri);
}
@@ -168,7 +172,8 @@ abstract class PhabricatorAuthController extends PhabricatorController {
return array($account, $provider, $response);
}
$registration_key = $request->getCookie('phreg');
$registration_key = $request->getCookie(
PhabricatorCookies::COOKIE_REGISTRATION);
// NOTE: This registration key check is not strictly necessary, because
// we're only creating new accounts, not linking existing accounts. It
@@ -181,7 +186,7 @@ abstract class PhabricatorAuthController extends PhabricatorController {
// since you could have simply completed the process yourself.
if (!$registration_key) {
$response = $this->renderError(
$response = $this->renderError(
pht(
'Your browser did not submit a registration key with the request. '.
'You must use the same browser to begin and complete registration. '.