dépôts / lhc / web / wiklou.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 43e4b9e) | patch
SessionManager: Don't generate user tokens when checking the tokens
authorBrad Jorsch <bjorsch@wikimedia.org>
Thu, 28 Jan 2016 18:27:01 +0000 (13:27 -0500)
committerBrad Jorsch <bjorsch@wikimedia.org>
Thu, 28 Jan 2016 18:36:43 +0000 (13:36 -0500)
commit305bc75b27903237a9683ec1f329bcbec0ecd266
tree6005487a0a7bd9418066f863c81194ffb9f7535btree | snapshot
parent43e4b9e7c78ccedbe23489a220cfa8dc2ac5cf04commit | diff
SessionManager: Don't generate user tokens when checking the tokens

Looking at the pre-SessionManager token checking, it's apparently valid
to log in despite user_token being empty. The stored token just gets
compared against the empty string that got returned previously.

This also cleans up some checks that assumed $user->getToken() didn't
automatically create the token if one wasn't already set.

Bug: T125114
Change-Id: Ia3d2382e96e2a0146f33fb7193a2e00ea72e51a0
includes/session/SessionBackend.php diff | blob | history
includes/session/SessionManager.php diff | blob | history
includes/session/UserInfo.php diff | blob | history
tests/phpunit/includes/session/UserInfoTest.php diff | blob | history
Wiklou, le Wiki du Wiklou