Merge pull request #2890 from drshawnkwang/sak-fix-consentauth2

Added token authentication to agreetotermsofuse form. (cherry picked from commit 1af5ecf)
BOINC · Dec 7, 2018 · 6f9dd8d · 6f9dd8d
1 parent c4357e4
commit 6f9dd8d
Show file tree

Hide file tree

Showing 3 changed files with 24 additions and 0 deletions.
diff --git a/html/inc/consent.inc b/html/inc/consent.inc
@@ -72,6 +72,8 @@ function intercept_login($user, $perm, $in_next_url = "") {
     $config = get_config();
     if ( parse_bool($config, "enable_login_mustagree_termsofuse") and $checkct and check_termsofuse() and (!check_user_consent($user, CONSENT_TYPE_ENROLL))) {
         // sent user to terms-of-use Web form after login
+        $mytoken = create_token($user->id, TOKEN_TYPE_LOGIN_INTERCEPT, TOKEN_DURATION_TWO_HOURS);
+        send_cookie('logintoken', $mytoken, false);
         send_cookie('tempuserid', $user->id, false);
         send_cookie('tempperm', $perm, false);
         $save_url = $in_next_url;

diff --git a/html/inc/token.inc b/html/inc/token.inc
@@ -22,8 +22,10 @@ require_once("../inc/util.inc");
 // Constants for valid token types
 define("TOKEN_TYPE_DELETE_ACCOUNT", "D");
 define("TOKEN_TYPE_CHANGE_EMAIL", "E");
+define("TOKEN_TYPE_LOGIN_INTERCEPT", "L");
 
 // Constants for token durations
+define("TOKEN_DURATION_TWO_HOURS", 7200);
 define("TOKEN_DURATION_ONE_DAY", 86400);
 define("TOKEN_DURATION_ONE_WEEK", 604800);
 

diff --git a/html/user/user_agreetermsofuse_action.php b/html/user/user_agreetermsofuse_action.php
@@ -24,6 +24,10 @@
 require_once("../inc/user.inc");
 require_once("../inc/consent.inc");
 
+if (empty($_POST)) {
+    error_page(tra("Website error when attempting to agree to terms of use. Please contact the site administrators."));
+}
+
 // Get the next url from POST
 $next_url = post_str("next_url", true);
 $next_url = urldecode($next_url);
@@ -39,6 +43,11 @@
 }
 
 // Obtain data from cookies
+if (isset($_COOKIE['logintoken'])) {
+    $logintoken = $_COOKIE['logintoken'];
+} else {
+    error_page(tra("Website error when attempting to agree to terms of use."));
+}
 if (isset($_COOKIE['tempuserid'])) {
     $userid = $_COOKIE['tempuserid'];
 }
@@ -51,6 +60,16 @@
 else {
     error_page(tra("Website error when attempting to agree to terms of use. Please contact the site administrators."));
 }
+
+// Verify login token to authenticate the account.
+// Delete the token immediately afterwards to prevent any abuse or
+// misuse of the token.
+if (!is_valid_token($userid, $logintoken, TOKEN_TYPE_LOGIN_INTERCEPT)) {
+    delete_token($userid, $logintoken, TOKEN_TYPE_LOGIN_INTERCEPT);
+    error_page(tra("Authentication error attempting to agree to terms of use."));
+}
+delete_token($userid, $logintoken, TOKEN_TYPE_LOGIN_INTERCEPT);
+
 $user = BoincUser::lookup_id_nocache($userid);
 $authenticator = $user->authenticator;
 
@@ -68,6 +87,7 @@
 
 // Log-in user
 send_cookie('auth', $authenticator, $perm);
+clear_cookie('logintoken');
 clear_cookie('tempuserid');
 clear_cookie('tempperm');