Skip to content

Commit

Permalink
MDL-19962 new option for forcing of regeneration of the session id du…
Browse files Browse the repository at this point in the history 
…ring each login request
  • Loading branch information
skodak committed Aug 6, 2009
1 parent 58d1d16 commit b8451e2
Show file tree
Hide file tree
Showing 3 changed files with 8 additions and 0 deletions.
1 change: 1 addition & 0 deletions admin/settings/security.php
View file
Expand Up @@ -65,6 +65,7 @@
$temp->add(new admin_setting_configcheckbox('loginhttps', get_string('loginhttps', 'admin'), get_string('configloginhttps', 'admin'), 0)); $temp->add(new admin_setting_configcheckbox('loginhttps', get_string('loginhttps', 'admin'), get_string('configloginhttps', 'admin'), 0));
$temp->add(new admin_setting_configcheckbox('cookiesecure', get_string('cookiesecure', 'admin'), get_string('configcookiesecure', 'admin'), 0)); $temp->add(new admin_setting_configcheckbox('cookiesecure', get_string('cookiesecure', 'admin'), get_string('configcookiesecure', 'admin'), 0));
$temp->add(new admin_setting_configcheckbox('cookiehttponly', get_string('cookiehttponly', 'admin'), get_string('configcookiehttponly', 'admin'), 0)); $temp->add(new admin_setting_configcheckbox('cookiehttponly', get_string('cookiehttponly', 'admin'), get_string('configcookiehttponly', 'admin'), 0));
$temp->add(new admin_setting_configcheckbox('sessionloginreset', get_string('sessionloginreset', 'admin'), get_string('configsessionloginreset', 'admin'), 0));
$ADMIN->add('security', $temp); $ADMIN->add('security', $temp);




Expand Down
2 changes: 2 additions & 0 deletions lang/en_utf8/admin.php
View file
Expand Up @@ -208,6 +208,7 @@
$string['configrcachettl'] = 'Time-to-live for cached records, in seconds. Use a short (<15) value here.'; $string['configrcachettl'] = 'Time-to-live for cached records, in seconds. Use a short (<15) value here.';
$string['configrecaptchaprivatekey'] = 'String of characters used to communicate between your Moodle server and the recaptcha.net server. Obtain one for this site by visiting http://recaptcha.net'; $string['configrecaptchaprivatekey'] = 'String of characters used to communicate between your Moodle server and the recaptcha.net server. Obtain one for this site by visiting http://recaptcha.net';
$string['configrecaptchapublickey'] = 'String of characters used to display the reCAPTCHA element in the signup form. Generated by http://recaptcha.net'; $string['configrecaptchapublickey'] = 'String of characters used to display the reCAPTCHA element in the signup form. Generated by http://recaptcha.net';
$string['configregenloginsession'] = 'Regeneration of the session id during each login request is highly recommended. This setting might not be compatible with some authentication plugins.';
$string['configrequestedstudentname'] = 'Word for student used in requested courses'; $string['configrequestedstudentname'] = 'Word for student used in requested courses';
$string['configrequestedstudentsname'] = 'Word for students used in requested courses'; $string['configrequestedstudentsname'] = 'Word for students used in requested courses';
$string['configrequestedteachername'] = 'Word for teacher used in requested courses'; $string['configrequestedteachername'] = 'Word for teacher used in requested courses';
Expand Down Expand Up @@ -644,6 +645,7 @@
$string['rcachettl'] = 'Record cache TTL'; $string['rcachettl'] = 'Record cache TTL';
$string['recaptchapublickey'] = 'ReCAPTCHA public key'; $string['recaptchapublickey'] = 'ReCAPTCHA public key';
$string['recaptchaprivatekey'] = 'ReCAPTCHA private key'; $string['recaptchaprivatekey'] = 'ReCAPTCHA private key';
$string['regenloginsession'] = 'Regenerate session id during login';
$string['releasenoteslink'] = 'For information about this version of Moodle, please see the online <a target=\"_blank\" href=\"$a\">Release Notes</a>'; $string['releasenoteslink'] = 'For information about this version of Moodle, please see the online <a target=\"_blank\" href=\"$a\">Release Notes</a>';
$string['remotelangnotavailable'] = 'Because Moodle can not connect to download.moodle.org, we are unable to do language pack installation automatically. Please download the appropriate zip file(s) from the list below, copy them to your $a directory and unzip them manually.'; $string['remotelangnotavailable'] = 'Because Moodle can not connect to download.moodle.org, we are unable to do language pack installation automatically. Please download the appropriate zip file(s) from the list below, copy them to your $a directory and unzip them manually.';
$string['renameerrors'] = 'Rename errors'; $string['renameerrors'] = 'Rename errors';
Expand Down
5 changes: 5 additions & 0 deletions lib/moodlelib.php
View file
Expand Up @@ -3232,6 +3232,11 @@ function complete_user_login($user) {


$USER = $user; // this is required because we need to access preferences here! $USER = $user; // this is required because we need to access preferences here!


if (!empty($CFG->regenloginsession)) {
// please note this setting may break some auth plugins
session_regenerate_id();
}

reload_user_preferences(); reload_user_preferences();


update_user_login_times(); update_user_login_times();
Expand Down

0 comments on commit b8451e2

Please sign in to comment.