feat(user/edit): clear_remember_token
All checks were successful
continuous-integration/drone/push Build is passing

This commit is contained in:
Baoshuo Ren 2023-02-13 22:01:17 +08:00
parent dfdc2a0756
commit 80bca8dba0
Signed by: baoshuo
GPG Key ID: 00CB9680AB29F51A
2 changed files with 43 additions and 21 deletions

View File

@ -398,6 +398,24 @@ EOD);
dieWithAlert('密码修改成功!'); dieWithAlert('密码修改成功!');
} }
if (isSuperUser(Auth::user())) {
$clear_remember_token_form = new UOJForm('clear_remember_token');
$clear_remember_token_form->handle = function () use ($user) {
DB::update([
"update user_info",
"set", [
"remember_token" => "",
],
"where", ["username" => $user['username']]
]);
};
$clear_remember_token_form->config['submit_container']['class'] = 'text-end';
$clear_remember_token_form->config['submit_button']['class'] = 'btn btn-sm btn-danger';
$clear_remember_token_form->config['submit_button']['text'] = '清除 remember_token强制下线';
$clear_remember_token_form->config['confirm']['smart'] = true;
$clear_remember_token_form->runAtServer();
}
} elseif ($cur_tab == 'privilege') { } elseif ($cur_tab == 'privilege') {
$users_default_permissions = UOJContext::getMeta('users_default_permissions'); $users_default_permissions = UOJContext::getMeta('users_default_permissions');
$type_text = UOJLocale::get('user::normal user'); $type_text = UOJLocale::get('user::normal user');
@ -845,6 +863,12 @@ $pageTitle = $user['username'] == Auth::id()
<button type="submit" id="button-submit-change_password" name="submit-change_password" value="change_password" class="mt-3 btn btn-secondary">更新</button> <button type="submit" id="button-submit-change_password" name="submit-change_password" value="change_password" class="mt-3 btn btn-secondary">更新</button>
</div> </div>
</form> </form>
<?php if (isset($clear_remember_token_form)) : ?>
<hr />
<?php $clear_remember_token_form->printHTML() ?>
<?php endif ?>
</div> </div>
</div> </div>
<script> <script>

View File

@ -33,36 +33,34 @@ class Auth {
return $myUser[$name]; return $myUser[$name];
} }
public static function login($username, $remember = true) { public static function login($username) {
if (!validateUsername($username)) { if (!validateUsername($username)) {
return; return;
} }
$_SESSION['username'] = $username; $_SESSION['username'] = $username;
if ($remember) { $remember_token = DB::selectSingle([
$remember_token = DB::selectSingle([ "select remember_token from user_info",
"select remember_token from user_info", "where", ["username" => $username]
]);
if ($remember_token == '') {
$remember_token = uojRandString(60);
DB::update([
"update user_info",
"set", ["remember_token" => $remember_token],
"where", ["username" => $username] "where", ["username" => $username]
]); ]);
if ($remember_token == '') {
$remember_token = uojRandString(60);
DB::update([
"update user_info",
"set", ["remember_token" => $remember_token],
"where", ["username" => $username]
]);
}
$_SESSION['last_login'] = time();
$_SESSION['remember_token'] = $remember_token;
$expire = time() + 60 * 60 * 24 * 7;
Cookie::safeSet('uoj_username', $username, $expire, '/', array('httponly' => true));
Cookie::safeSet('uoj_remember_token', $remember_token, $expire, '/', array('httponly' => true));
} }
$_SESSION['last_login'] = time();
$_SESSION['remember_token'] = $remember_token;
$expire = time() + 60 * 60 * 24 * 7;
Cookie::safeSet('uoj_username', $username, $expire, '/', array('httponly' => true));
Cookie::safeSet('uoj_remember_token', $remember_token, $expire, '/', array('httponly' => true));
DB::update([ DB::update([
"update user_info", "update user_info",
"set", ["last_login_time" => UOJTime::$time_now_str], "set", ["last_login_time" => UOJTime::$time_now_str],
@ -75,7 +73,7 @@ class Auth {
public static function logout() { public static function logout() {
session_unset(); session_unset();
Cookie::safeUnset(session_name(), '/'); Cookie::unsetVar(session_name(), '/');
Cookie::safeUnset('uoj_username', '/'); Cookie::safeUnset('uoj_username', '/');
Cookie::safeUnset('uoj_remember_token', '/'); Cookie::safeUnset('uoj_remember_token', '/');