Commit graph

13 commits

Author SHA1 Message Date
ArthurHoaro
63b0059ed5 Fix broken route to filter not tagged bookmarks
Also display the filter for visitors.

Fixes #1529
2020-08-31 14:09:27 +02:00
ArthurHoaro
fabff3835d Move PHP and config init to dedicated file
in order to keep index.php as minimal as possible
2020-07-23 21:19:21 +02:00
ArthurHoaro
a8c11451e8 Process login through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
c4ad3d4f06 Process Shaarli install through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
ef00f9d203 Process password change controller through Slim 2020-07-23 21:19:21 +02:00
ArthurHoaro
af290059d1 Process session filters through Slim controllers
Including:
  - visibility
  - links per page
  - untagged only
2020-07-23 21:19:21 +02:00
ArthurHoaro
c266a89d0f Process tag cloud page through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
6c50a6ccce Render login page through Slim controller 2020-01-26 11:34:14 +01:00
VirtualTam
8edd7f1588 SessionManager+LoginManager: fix checkLoginState logic
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-06-02 16:46:06 +02:00
VirtualTam
ebf6151738 SessionManager: remove unused UID token
There already are dedicated tokens for:
- CSRF protection
- user stay-signed-in feature, via cookie

This token was most likely intended as a randomly generated,
server-side, secret key to be used when generating hashes.

See http://sebsauvage.net/wiki/doku.php?id=php:session [FR]

Relevant section:

  Une clé secrète unique aléatoire est générée côté serveur (et jamais
  envoyée). Elle peut servir pour signer les formulaires (HMAC) ou
  générer des token de formulaires (protection contre XSRF).
  Voir $_SESSION['uid'].

Translation:

  A unique, server-side secret key is randomly generated (and never
  transmitted). It can be used to sign forms (HMAC) or generate form
  tokens (protection against XSRF).
  See $_SESSION['uid']

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-06-02 16:46:06 +02:00
VirtualTam
c689e10863 Refactor LoginManager stay-signed-in token management
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-06-02 16:46:06 +02:00
VirtualTam
51f0128cdb Refactor session and cookie timeout control
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-06-02 16:46:06 +02:00
VirtualTam
fab87c2696 Move LoginManager and SessionManager to the Security namespace
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-06-02 16:46:06 +02:00
Renamed from application/SessionManager.php (Browse further)