Commit 85aadd67 authored by Tino Goratsch's avatar Tino Goratsch

- improved the user context hash generation

parent 9c75474e
......@@ -25,7 +25,6 @@ use Symfony\Component\HttpKernel\HttpKernelInterface;
*/
class HttpCache extends EventDispatchingHttpCache
{
const USER_CONTEXT_GUEST = 'ACP3_USER_CONTEXT_GUEST';
const JAVASCRIPTS_REGEX_PATTERN = MoveToBottom::ELEMENT_CATCHER_REGEX_PATTERN;
const PLACEHOLDER = '</body>';
......@@ -41,7 +40,6 @@ class HttpCache extends EventDispatchingHttpCache
parent::__construct($kernel, $store, $surrogate, $options);
$this->addSubscriber(new UserContextSubscriber([
'anonymous_hash' => md5(static::USER_CONTEXT_GUEST),
'user_hash_uri' => '/widget/users/index/hash/',
'session_name_prefix' => SessionHandlerInterface::SESSION_NAME
]));
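Review bot: Dropping the `session_name_prefix` option (if that is the single line the second hunk removes) makes the UserContextSubscriber fall back to the library's built-in session cookie prefix; if ACP3's `SessionHandlerInterface::SESSION_NAME` does not start with that default, every request is classified as anonymous, the hash endpoint is never consulted, and a page rendered for a logged-in session is stored under `anonymous_hash` and can be served to guests. If the custom session name is still in use, keep `'session_name_prefix' => SessionHandlerInterface::SESSION_NAME` in the options. The retained `'anonymous_hash' => md5(static::USER_CONTEXT_GUEST)` will also never match what the hash endpoint now returns for a guest carrying a session cookie (`hash('sha512', $secret)`), so identical guest content is cached under two keys; if that is accepted, a comment such as `// only guests without a session cookie get this fixed hash; the hash endpoint keys everyone else` would save the next reader the investigation. The constructor this hunk sits in begins before the hunk.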
......
......@@ -130,6 +130,12 @@ class Migration extends Modules\Installer\AbstractMigration
],
59 => [
"UPDATE `{pre}settings` SET `name` = 'cache_lifetime' WHERE `module_id` = {moduleId} AND `name` = 'cache_minify';"
],
60 => [
"INSERT INTO `{pre}settings` (`id`, `module_id`, `name`, `value`) VALUES ('', '{moduleId}', 'security_secret', '" . uniqid(mt_rand(), true) . "');",
],
61 => [
"INSERT INTO `{pre}settings` (`id`, `module_id`, `name`, `value`) VALUES ('', '{moduleId}', 'cache_vary_user', 0);",
]
];
}
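Review bot: The secret written by update 60 is produced by `uniqid(mt_rand(), true)`, which is microtime-based plus a non-cryptographic PRNG, so an attacker who knows roughly when the migration ran can enumerate candidates; as this value keys every user-context hash, it needs a CSPRNG. If the project targets PHP 7 or ships paragonie/random_compat, replace the value in the INSERT with `'" . bin2hex(random_bytes(32)) . "'`; otherwise use `openssl_random_pseudo_bytes` and check its strong-result flag. The `uniqid` output is only hex digits and a dot, so splicing it into the SQL string is quote-safe today, and `bin2hex` keeps that property for the replacement. The method returning this array starts before the hunk.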
......
......@@ -46,7 +46,7 @@ class Schema implements Modules\Installer\SchemaInterface
*/
public function getSchemaVersion()
{
return 59;
return 61;
}
/**
......@@ -97,6 +97,7 @@ class Schema implements Modules\Installer\SchemaInterface
return [
'cache_images' => true,
'cache_lifetime' => 3600,
'cache_vary_user' => 0,
'date_format_long' => '',
'date_format_short' => '',
'date_time_zone' => '',
......@@ -115,6 +116,7 @@ class Schema implements Modules\Installer\SchemaInterface
'maintenance_mode' => false,
'maintenance_message' => '',
'mod_rewrite' => false,
'security_secret' => uniqid(mt_rand(), true),
'wysiwyg' => 'core.wysiwyg.ckeditor'
];
}
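Review bot: The install-time default `'security_secret' => uniqid(mt_rand(), true)` shares the weakness of the migration's value, a predictable time-and-mt_rand string used as the key for all user-context hashes, and a new one is produced on every `getSettings()` call. Generate it from a CSPRNG (PHP 7 `random_bytes`, or random_compat), e.g. `'security_secret' => bin2hex(random_bytes(32)),`, ideally through one small shared helper so the installer and the migration cannot drift apart. A short comment like `// keyed into every user-context hash; must be unpredictable and stay stable after install` would make the purpose obvious. The method containing these defaults begins before the hunk.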
......
......@@ -7,9 +7,7 @@
namespace ACP3\Modules\ACP3\Users\Controller\Widget\Index;
use ACP3\Core\Application\Bootstrap\HttpCache;
use ACP3\Core\Controller\WidgetAction;
use ACP3\Core\Session\SessionHandlerInterface;
/**
* Class Hash
......@@ -23,7 +21,6 @@ class Hash extends WidgetAction
public function execute()
{
$this->response->setPublic();
$this->response->setVary('cookie');
$this->response->setMaxAge(60);
$this->response->headers->add([
'Content-type' => 'application/vnd.fos.user-context-hash',
......@@ -38,16 +35,17 @@ class Hash extends WidgetAction
*/
private function generateUserContextHash()
{
$settings = $this->config->getSettings('system');
$hash = $settings['security_secret'];
if ($this->user->isAuthenticated()) {
$userRoles = implode('-', $this->acl->getUserRoleIds($this->user->getUserId()));
$hash .= implode('-', $this->acl->getUserRoleIds($this->user->getUserId()));
return md5(
$this->user->getUserId()
. '-' . $userRoles
. '-' . $this->request->getCookies()->get(SessionHandlerInterface::SESSION_NAME, '')
);
if (intval($settings['cache_vary_user']) === 1) {
$hash .= '-' . $this->user->getUserId();
}
}
return md5(HttpCache::USER_CONTEXT_GUEST);
return hash('sha512', $hash);
}
}
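Review bot: With `setVary('cookie')` gone (if that is the line the second hunk removes), the hash response is `public` with `max-age=60` and no Vary header, and since the user-context hash lookup is, as far as the library documents, dispatched through the HttpCache kernel itself, the first authenticated user's `X-User-Context-Hash` would be stored and handed to every other session for the next minute, granting them that role's cached pages; keep `$this->response->setVary('cookie');`. In `generateUserContextHash()` the secret is merely prepended to a plain sha512; `hash_hmac('sha512', $data, $settings['security_secret'])` states the keyed intent explicitly and does not depend on concatenation order. A guest carrying a session cookie now receives `hash('sha512', $secret)` while cookie-less guests get the subscriber's `anonymous_hash`, so the same public page is cached under two keys, which is harmless but deserves a comment if intended. The `execute()` body continues past the second hunk.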