Rev 1086 | Rev 1116 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 1086 | Rev 1108 | ||
|---|---|---|---|
| Line 43... | Line 43... | ||
| 43 | 43 | ||
| 44 | if ($ra->checkPassword($params['password'])) { |
44 | if ($ra->checkPassword($params['password'])) { |
| 45 | $remember_me = isset($params['remember_me']) && ($params['remember_me']); |
45 | $remember_me = isset($params['remember_me']) && ($params['remember_me']); |
| 46 | OIDplus::authUtils()->raLoginEx($email, $remember_me, 'Regular login'); |
46 | OIDplus::authUtils()->raLoginEx($email, $remember_me, 'Regular login'); |
| 47 | 47 | ||
| - | 48 | $authInfo = OIDplus::authUtils()->raGeneratePassword($params['password']); |
|
| - | 49 | ||
| - | 50 | // Rehash, so that we always have the latest default auth plugin and params |
|
| - | 51 | // Note that we do it every time (unlike PHPs recommended password_needs_rehash), |
|
| - | 52 | // because we are not sure which auth plugin created the hash (there might be multiple |
|
| - | 53 | // auth plugins that can verify this hash). So we just rehash on every login! |
|
| - | 54 | $new_authkey = $authInfo->getAuthKey(); |
|
| - | 55 | ||
| 48 | OIDplus::db()->query("UPDATE ###ra set last_login = ".OIDplus::db()->sqlDate()." where email = ?", array($email)); |
56 | OIDplus::db()->query("UPDATE ###ra set last_login = ".OIDplus::db()->sqlDate().", authkey = ? where email = ?", array($new_authkey, $email)); |
| 49 | 57 | ||
| 50 | return array("status" => 0); |
58 | return array("status" => 0); |
| 51 | } else { |
59 | } else { |
| 52 | if (OIDplus::config()->getValue('log_failed_ra_logins', false)) { |
60 | if (OIDplus::config()->getValue('log_failed_ra_logins', false)) { |
| 53 | if ($ra->existing()) { |
61 | if ($ra->existing()) { |