Merge pull request #3230 from Icinga/bugfix/application-state-log-out-2882

/application-state: ignore unauthenticated requests
This commit is contained in:
lippserd 2018-01-16 10:20:13 +01:00 committed by GitHub
commit 44fccfff4d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -14,43 +14,48 @@ use Icinga\Web\Session;
*/ */
class ApplicationStateController extends Controller class ApplicationStateController extends Controller
{ {
protected $requiresAuthentication = false;
public function indexAction() public function indexAction()
{ {
$this->_helper->layout()->disableLayout(); $this->_helper->layout()->disableLayout();
if (isset($_COOKIE['icingaweb2-session'])) {
$last = (int) $_COOKIE['icingaweb2-session']; if ($this->Auth()->isAuthenticated()) {
} else { if (isset($_COOKIE['icingaweb2-session'])) {
$last = 0; $last = (int) $_COOKIE['icingaweb2-session'];
} } else {
$now = time(); $last = 0;
if ($last + 600 < $now) { }
Session::getSession()->write(); $now = time();
$params = session_get_cookie_params(); if ($last + 600 < $now) {
setcookie( Session::getSession()->write();
'icingaweb2-session', $params = session_get_cookie_params();
$now, setcookie(
null, 'icingaweb2-session',
$params['path'], $now,
$params['domain'], null,
$params['secure'], $params['path'],
$params['httponly'] $params['domain'],
); $params['secure'],
$_COOKIE['icingaweb2-session'] = $now; $params['httponly']
} );
$announcementCookie = new AnnouncementCookie(); $_COOKIE['icingaweb2-session'] = $now;
$announcementRepo = new AnnouncementIniRepository(); }
if ($announcementCookie->getEtag() !== $announcementRepo->getEtag()) { $announcementCookie = new AnnouncementCookie();
$announcementCookie $announcementRepo = new AnnouncementIniRepository();
->setEtag($announcementRepo->getEtag()) if ($announcementCookie->getEtag() !== $announcementRepo->getEtag()) {
->setNextActive($announcementRepo->findNextActive()); $announcementCookie
$this->getResponse()->setCookie($announcementCookie); ->setEtag($announcementRepo->getEtag())
$this->getResponse()->setHeader('X-Icinga-Announcements', 'refresh', true); ->setNextActive($announcementRepo->findNextActive());
} else {
$nextActive = $announcementCookie->getNextActive();
if ($nextActive && $nextActive <= $now) {
$announcementCookie->setNextActive($announcementRepo->findNextActive());
$this->getResponse()->setCookie($announcementCookie); $this->getResponse()->setCookie($announcementCookie);
$this->getResponse()->setHeader('X-Icinga-Announcements', 'refresh', true); $this->getResponse()->setHeader('X-Icinga-Announcements', 'refresh', true);
} else {
$nextActive = $announcementCookie->getNextActive();
if ($nextActive && $nextActive <= $now) {
$announcementCookie->setNextActive($announcementRepo->findNextActive());
$this->getResponse()->setCookie($announcementCookie);
$this->getResponse()->setHeader('X-Icinga-Announcements', 'refresh', true);
}
} }
} }