Commit 2f40f919 authored by Clément OUDOT's avatar Clément OUDOT

Delete captcha session only when authentication process is finished (#LEMONLDAP-788)

git-svn-id: svn://svn.forge.objectweb.org/svnroot/lemonldap/branches/lemonldap-ng_version_1_4-bugfixes@3633 1dbb9719-a921-0410-b57f-c3a383c2c641
parent 112551fa
......@@ -71,7 +71,7 @@ use Digest::MD5;
#inherits Apache::Session
#link Lemonldap::NG::Common::Apache::Session::SOAP protected globalStorage
our $VERSION = '1.4.2';
our $VERSION = '1.4.4';
use base qw(Lemonldap::NG::Common::CGI Exporter);
our @ISA;
......@@ -649,14 +649,6 @@ sub checkCaptcha {
}
);
# Remove captcha session (will not be used anymore)
if ( $captcha->removeSession ) {
$self->lmLog( "Code $code match captcha $ccode", 'debug' );
}
else {
$self->lmLog( "Unable to remove captcha session $ccode", 'warn' );
}
# Check code
if ( $captcha && $captcha->code ) {
......@@ -670,6 +662,34 @@ sub checkCaptcha {
return 0;
}
## @method int removeCaptcha(ccode)
# Remove captcha session
# @param captcha code generated by Authen::Captcha
# @return a constant
sub removeCaptcha {
my ( $self, $ccode ) = splice @_;
# Get captcha object
my $captcha = Lemonldap::NG::Common::Captcha->new(
{
storageModule => $self->{captchaStorage},
storageModuleOptions => $self->{captchaStorageOptions},
md5 => $ccode,
size => $self->{captcha_size},
}
);
# Remove captcha session (will not be used anymore)
if ( $captcha->removeSession ) {
$self->lmLog( "Captcha session $ccode removed", 'debug' );
return 0;
}
else {
$self->lmLog( "Unable to remove captcha session $ccode", 'warn' );
return 1;
}
}
## @method boolean isTrustedUrl(string url)
# Check if an URL's domain name is declared in LL::NG config or is declared as trusted domain
# @param url Parameter url
......@@ -1644,9 +1664,8 @@ sub controlExistingSession {
'debug'
);
if (
$self->{sessionInfo}->{'_auth'} ne $self->get_module('auth')
)
if ( $self->{sessionInfo}->{'_auth'} ne
$self->get_module('auth') )
{
my $module_name = 'Lemonldap::NG::Portal::Auth'
. $self->{sessionInfo}->{_auth};
......@@ -2360,6 +2379,11 @@ sub store {
sub authFinish {
my $self = shift;
# Remove captcha session
if ( $self->{captcha_check_code} ) {
$self->removeCaptcha( $self->{captcha_check_code} );
}
eval { $self->{error} = $self->SUPER::authFinish; };
if ($@) {
$self->lmLog(
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment