Fixes for per user authentication method

mantisbt · Apr 16, 2017 · 6810b10 · 6810b10
1 parent f937d87
commit 6810b10
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 16 deletions.
diff --git a/core/authentication_api.php b/core/authentication_api.php
@@ -115,7 +115,7 @@ function auth_flags( $p_user_id = null, $p_username = '' ) {
 
 		# Don't cache in case of user not in db.
 		if( $t_user_id ) {
-			$s_flags_cache[$t_flags] = $t_flags;
+			$s_flags_cache[$t_user_id] = $t_flags;
 		}
 	} else {
 		$t_flags = $s_flags_cache[$t_user_id];
@@ -218,20 +218,12 @@ function auth_login_page( $p_query_string = '' ) {
  *
  * @param string $p_query_string The query string, can be empty.
  * @param int|null $p_user_id The user id or null for current logged in user.
+ * @param string $p_username The username
  * @return string The credentials page with query string.
  */
-function auth_credential_page( $p_query_string = '', $p_user_id = null ) {
-	if( is_null( $p_user_id ) ) {
-		$p_user_id = auth_get_current_user_id();
-	}
-
-	$t_url = AUTH_PAGE_CREDENTIAL;
-	if( $p_user_id === NO_USER || !user_exists( $p_user_id ) ) {
-		return helper_url_combine( $t_url, $p_query_string );
-	}
-
-	# TODO: consult with auth plugins
-	return helper_url_combine( $t_url, $p_query_string );
+function auth_credential_page( $p_query_string, $p_user_id = null, $p_username = '' ) {
+	$t_auth_flags = auth_flags( $p_user_id, $p_username );
+	return $t_auth_flags->getCredentialsPage( $p_query_string );
 }
 
 /**

diff --git a/core/classes/AuthFlags.class.php b/core/classes/AuthFlags.class.php
@@ -213,11 +213,13 @@ function setCredentialsPage( $p_page ) {
 	 * Gets the page to use to ask for user credentials.  This should be a page that is
 	 * provided by MantisBT core or one of the plugins.  Such page can redirect as needed.
 	 *
+	 * @param string $p_query_string The query string or empty.
 	 * @return string The relative url for the credential page.
 	 * @see setCredentialsPage()
 	 */
-	function getCredentialsPage() {
-		return is_null( $this->credentials_page ) ? AUTH_PAGE_CREDENTIAL : $this->credentials_page;
+	function getCredentialsPage( $p_query_string ) {
+		$t_page = is_null( $this->credentials_page ) ? AUTH_PAGE_CREDENTIAL : $this->credentials_page;
+		return helper_url_combine( $t_page, $p_query_string );
 	}
 
 	/**

diff --git a/login_password_page.php b/login_password_page.php
@@ -80,7 +80,7 @@
 # Get the user id and based on the user decide whether to continue with native password credential
 # page or one provided by a plugin.
 $t_user_id = auth_get_user_id_from_login_name( $t_username );
-if( $t_user_id !== false && auth_credential_page() != AUTH_PAGE_CREDENTIAL ) {
+if( $t_user_id !== false && auth_credential_page( '', $t_user_id ) != AUTH_PAGE_CREDENTIAL ) {
 	$t_query_args = array(
 		'username' => $t_username,
         'cookie_error' => $f_cookie_error,