CoreLibs/development
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update ACL\Login class with _GET/_POST login parameter

Browse Source 
loginUserId parameter in _GET or _POST for direct login without username
and password.

This can be secured by:
- must login after x days from set loginUserId on
- can only login with loginUserId in given time range
- flag lock loginUserId
This commit is contained in:
Clemens Schwaighofer
2022-06-22 13:52:47 +09:00
parent c35d3c9324
commit 04e4fe46f2
21 changed files with 1597 additions and 280 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
4dev/database/update/edit_update_missing_cuid.sql → 4dev/database/update/20190910-edit_update_missing_cuid.sql
View File

0
4dev/database/update/edit_tables_missing_columns.sql → 4dev/database/update/20191211-edit_tables_missing_columns.sql
View File

47
4dev/database/update/20220617-edit_user_login_user_id_add.sql Normal file
View File

@@ -0,0 +1,47 @@
-- 2022/6/17 update edit_user with login uid
-- the login uid, at least 32 chars
ALTER TABLE edit_user ADD login_user_id VARCHAR;
-- when above uid was set
ALTER TABLE edit_user ADD login_user_id_set_date TIMESTAMP WITHOUT TIME ZONE;
-- if set, from/until when the above uid is valid
ALTER TABLE edit_user ADD login_user_id_valid_from TIMESTAMP WITHOUT TIME ZONE;
ALTER TABLE edit_user ADD login_user_id_valid_until TIMESTAMP WITHOUT TIME ZONE;
-- user must login to revalidated login id after set days, 0 for forever
ALTER TABLE edit_user ADD login_user_id_revalidate_after INTERVAL NOT NULL DEFAULT '0 days';
-- lock for login user id, but still allow normal login
ALTER TABLE edit_user ADD login_user_id_locked SMALLINT NOT NULL DEFAULT 0;
-- disable login before date
ALTER TABLE edit_user ADD lock_until TIMESTAMP WITHOUT TIME ZONE;
-- disable login after date
ALTER TABLE edit_user ADD lock_after TIMESTAMP WITHOUT TIME ZONE;
CREATE OR REPLACE FUNCTION set_login_user_id_set_date()
RETURNS TRIGGER AS
$$
BEGIN
-- if new is not null/empty
-- and old one is null or old one different new one
-- set NOW()
-- if new one is NULL
-- set NULL
IF
NEW.login_user_id IS NOT NULL AND NEW.login_user_id <> '' AND
(OLD.login_user_id IS NULL OR NEW.login_user_id <> OLD.login_user_id)
THEN
NEW.login_user_id_set_date = NOW();
ELSIF NEW.login_user_id IS NULL OR NEW.login_user_id = '' THEN
NEW.login_user_id_set_date = NULL;
END IF;
RETURN NEW;
END;
$$
LANGUAGE 'plpgsql';
CREATE TRIGGER trg_edit_user_set_login_user_id_set_date
BEFORE INSERT OR UPDATE ON edit_user
FOR EACH ROW EXECUTE PROCEDURE set_login_user_id_set_date();
-- __END__