diff --git a/config/config.sample.php b/config/config.sample.php index 09eb6053c24..762633c7832 100644 --- a/config/config.sample.php +++ b/config/config.sample.php @@ -30,6 +30,9 @@ $CONFIG = array( /* Force use of HTTPS connection (true = use HTTPS) */ "forcessl" => false, +/* Time in seconds how long an user is authenticated without entering his password again before performing sensitive actions like creating or deleting users etc...*/ +"enhancedauthtime" => 15 * 60, + /* Theme to use for ownCloud */ "theme" => "", diff --git a/lib/json.php b/lib/json.php index 3e55f618430..b828f35f345 100644 --- a/lib/json.php +++ b/lib/json.php @@ -80,10 +80,9 @@ class OC_JSON{ } /** - * Check if the user verified the login with his password in the last 15 minutes + * Check if the user verified the login with his password */ public static function verifyUser() { - // Check if the user verified his password in the last 15 minutes if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) { $l = OC_L10N::get('lib'); self::error(array( 'data' => array( 'message' => $l->t('Authentication error') ))); diff --git a/lib/setup.php b/lib/setup.php index 716b0ef063d..2ac91482e54 100644 --- a/lib/setup.php +++ b/lib/setup.php @@ -391,6 +391,9 @@ class OC_Setup { self::createHtaccess(); } + // Set the admin auth time + OC_Config::setValue('enhancedauthtime', 15 * 60); + //and we are done OC_Config::setValue('installed', true); } diff --git a/lib/util.php b/lib/util.php index ba2a02922a5..58d784057ac 100755 --- a/lib/util.php +++ b/lib/util.php @@ -394,11 +394,11 @@ class OC_Util { // Check password to set session if(isset($_POST['password'])) { if (OC_User::login(OC_User::getUser(), $_POST["password"] ) === true) { - $_SESSION['verifiedLogin']=time() + (15 * 60); + $_SESSION['verifiedLogin']=time() + OC_Config::getValue('enhancedauthtime'); } } - // Check if the user verified his password in the last 15 minutes + // Check if the user verified his password if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) { OC_Template::printGuestPage("", "verify", array('username' => OC_User::getUser())); exit(); @@ -406,11 +406,10 @@ class OC_Util { } /** - * Check if the user verified the login with his password in the last 15 minutes + * Check if the user verified the login with his password * @return bool */ public static function isUserVerified() { - // Check if the user verified his password in the last 15 minutes if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) { return false; }