Description:
force log out when password change

r884:490fbe2ccf0b - - 2 files changed: 7 inserted, 1 deleted

@@ -111,12 +111,17
111 unless is_request_ip_allowed?
111 unless is_request_ip_allowed?
112 unauthorized_redirect 'Your IP is not allowed to login at this time.'
112 unauthorized_redirect 'Your IP is not allowed to login at this time.'
113 return false
113 return false
114 end
114 end
115 end
115 end
116
116
117 + # check if password is changed
118 + if session[:last_password_hash] != @current_user.hashed_password
119 + unauthorized_redirect 'You are forced to log out.'
120 + end
121 +
117 if GraderConfiguration.multicontests?
122 if GraderConfiguration.multicontests?
118 return true if @current_user.admin?
123 return true if @current_user.admin?
119 begin
124 begin
120 if @current_user.contest_stat(true).forced_logout
125 if @current_user.contest_stat(true).forced_logout
121 flash[:notice] = 'You have been automatically logged out.'
126 flash[:notice] = 'You have been automatically logged out.'
122 redirect_to :controller => 'main', :action => 'index'
127 redirect_to :controller => 'main', :action => 'index'
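Review bot: The password-change check at new lines 118–120 calls `unauthorized_redirect 'You are forced to log out.'` but does not stop the filter, unlike the IP check just above it, which follows the same call with `return false`. Execution therefore falls through into the `GraderConfiguration.multicontests?` branch, where it can hit `return true if @current_user.admin?` or a second `redirect_to` at new line 127. Depending on the Rails version, that could raise a double-redirect error or leave the outcome of the check unclear. Add `return false` directly after the redirect. If `unauthorized_redirect` does not already clear the session (its body is not visible here), also call `reset_session` before it so the stale session cannot be reused. The enclosing filter method starts and ends outside this hunk.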
@@ -1,10 +1,10
1 class LoginController < ApplicationController
1 class LoginController < ApplicationController
2
2
3 @@authenticators = []
3 @@authenticators = []
4 -
4 +
5 def index
5 def index
6 # show login screen
6 # show login screen
7 reset_session
7 reset_session
8 redirect_to :controller => 'main', :action => 'login'
8 redirect_to :controller => 'main', :action => 'login'
9 end
9 end
10
10
@@ -31,12 +31,13
31 #log different login
31 #log different login
32 end
32 end
33 end
33 end
34
34
35 #process logging in
35 #process logging in
36 session[:user_id] = user.id
36 session[:user_id] = user.id
37 + session[:last_password_hash] = user.hashed_password
37 session[:admin] = user.admin?
38 session[:admin] = user.admin?
38
39
39 # clear forced logout flag for multicontests contest change
40 # clear forced logout flag for multicontests contest change
40 if GraderConfiguration.multicontests?
41 if GraderConfiguration.multicontests?
41 contest_stat = user.contest_stat
42 contest_stat = user.contest_stat
42 if contest_stat.respond_to? :forced_logout
43 if contest_stat.respond_to? :forced_logout
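Review bot: `session[:last_password_hash] = user.hashed_password` at new line 37 copies the stored password hash into the session. If the application uses a cookie-backed session store (its configuration is not visible on this page), the hash is sent to the browser, where it may be readable and open to offline guessing. A non-secret marker would give the same logout-on-change behaviour without exposing credential material, for example a password-change timestamp or a random per-user token rotated on every password change (no such column is visible here, so this would need a schema change). If the hash has to stay, record the constraint next to the assignment, e.g. `# stores the password hash: session store must be server-side or encrypted`. The login action that contains this line starts and ends outside the hunk.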