From 19a1628b5a270495967ad9ee942a9b536b70299e Mon Sep 17 00:00:00 2001 From: Christian Weiske Date: Sat, 30 Jul 2016 00:08:52 +0200 Subject: Support full automatic no-questions-asked login - ?me=.. on homepage redirects to auth - ?dontask=1 skips confirmation questions - "reply" and other parameters are transferred across login --- controllers/auth.php | 26 ++++++++++++++++++++------ 1 file changed, 20 insertions(+), 6 deletions(-) (limited to 'controllers/auth.php') diff --git a/controllers/auth.php b/controllers/auth.php index c6c4ad8..a02e047 100644 --- a/controllers/auth.php +++ b/controllers/auth.php @@ -1,7 +1,7 @@ get('/', function($format='html') use($app) { $res = $app->response(); - + $params = $app->request()->params(); + if (k($params, 'me')) { + $app->redirect('/auth/start?'.http_build_query($params), 302); + } ob_start(); render('index', array( @@ -62,7 +65,10 @@ $app->get('/auth/start', function() use($app) { $_SESSION['auth_state'] = $state; $scope = 'post'; - $authorizationURL = IndieAuth\Client::buildAuthorizationURL($authorizationEndpoint, $me, buildRedirectURI(), Config::$base_url, $state, $scope); + $cleanparams = $params; + unset($cleanparams['me']); + unset($cleanparams['redirect']); + $authorizationURL = IndieAuth\Client::buildAuthorizationURL($authorizationEndpoint, $me, buildRedirectURI($cleanparams), Config::$base_url, $state, $scope); } else { $authorizationURL = false; } @@ -99,6 +105,10 @@ $app->get('/auth/start', function() use($app) { $user->micropub_access_token = ''; // blank out the access token if they attempt to sign in again $user->save(); + if (k($params, 'dontask') && $params['dontask']) { + $app->redirect($authorizationURL, 302); + } + $html = render('auth_start', array( 'title' => 'Sign In', 'me' => $me, @@ -219,13 +229,17 @@ $app->get('/auth/callback', function() use($app) { unset($_SESSION['auth_state']); - if($redirectToDashboardImmediately) { + if($redirectToDashboardImmediately || k($params, 'dontask')) { if(k($_SESSION, 'redirect_after_login')) { $dest = $_SESSION['redirect_after_login']; unset($_SESSION['redirect_after_login']); $app->redirect($dest, 301); } else { - $app->redirect('/new', 301); + $cleanparams = $params; + unset($cleanparams['code']); + unset($cleanparams['me']); + unset($cleanparams['state']); + $app->redirect('/new?' . http_build_query($cleanparams), 301); } } else { $html = render('auth_callback', array( -- cgit v1.2.3