Merge pull request #7678 from annando/remote-rework

Reworked the remote authentication

src/Core/ACL.php

@@ -11,6 +11,7 @@ use Friendica\Content\Feature;
 use Friendica\Database\DBA;
 use Friendica\Model\Contact;
 use Friendica\Model\GContact;
+use Friendica\Core\Session;
 use Friendica\Util\Network;
 
 /**
@@ -333,7 +334,7 @@ class ACL extends BaseObject
 	 */
 	public static function contactAutocomplete($search, $mode, int $page = 1)
 	{
-		if (Config::get('system', 'block_public') && !local_user() && !remote_user()) {
+		if (Config::get('system', 'block_public') && !Session::isAuthenticated()) {
 			return [];
 		}
 

src/Core/Session.php

@@ -53,7 +53,7 @@ class Session
 
 	/**
 	 * Retrieves a key from the session super global or the defaults if the key is missing or the value is falsy.
-	 * 
+	 *
 	 * Handle the case where session_start() hasn't been called and the super global isn't available.
 	 *
 	 * @param string $name
@@ -119,21 +119,10 @@ class Session
 			'page_flags'    => $user_record['page-flags'],
 			'my_url'        => $a->getBaseURL() . '/profile/' . $user_record['nickname'],
 			'my_address'    => $user_record['nickname'] . '@' . substr($a->getBaseURL(), strpos($a->getBaseURL(), '://') + 3),
-			'addr'          => defaults($_SERVER, 'REMOTE_ADDR', '0.0.0.0'),
-			'remote'	=> []
+			'addr'          => defaults($_SERVER, 'REMOTE_ADDR', '0.0.0.0')
 		]);
 
-		$remote_contacts = DBA::select('contact', ['id', 'uid'], ['nurl' => Strings::normaliseLink($_SESSION['my_url']), 'rel' => [Contact::FOLLOWER, Contact::FRIEND], 'self' => false]);
-		while ($contact = DBA::fetch($remote_contacts)) {
-			if (($contact['uid'] == 0) || Contact::isBlockedByUser($contact['id'], $contact['uid'])) {
-				continue;
-			}
-
-			/// @todo Change it to this format to save space
-			// $_SESSION['remote'][$contact['uid']] = $contact['id'];
-			$_SESSION['remote'][$contact['uid']] = ['cid' => $contact['id'], 'uid' => $contact['uid']];
-		}
-		DBA::close($remote_contacts);
+		self::setVisitorsContacts();
 
 		$member_since = strtotime($user_record['register_date']);
 		self::set('new_member', time() < ($member_since + ( 60 * 60 * 24 * 14)));
@@ -216,4 +205,68 @@ class Session
 			}
 		}
 	}
+
+	/**
+	 * Returns contact ID for given user ID
+	 *
+	 * @param integer $uid User ID
+	 * @return integer Contact ID of visitor for given user ID
+	 */
+	public static function getRemoteContactID($uid)
+	{
+		if (empty($_SESSION['remote'][$uid])) {
+			return false;
+		}
+
+		return $_SESSION['remote'][$uid];
+	}
+
+	/**
+	 * Returns User ID for given contact ID of the visitor
+	 *
+	 * @param integer $cid Contact ID
+	 * @return integer User ID for given contact ID of the visitor
+	 */
+	public static function getUserIDForVisitorContactID($cid)
+	{
+		if (empty($_SESSION['remote'])) {
+			return false;
+		}
+
+		return array_search($cid, $_SESSION['remote']);
+	}
+
+	/**
+	 * Set the session variable that contains the contact IDs for the visitor's contact URL
+	 *
+	 * @param string $url Contact URL
+	 */
+	public static function setVisitorsContacts()
+	{
+		$_SESSION['remote'] = [];
+
+		$remote_contacts = DBA::select('contact', ['id', 'uid'], ['nurl' => Strings::normaliseLink($_SESSION['my_url']), 'rel' => [Contact::FOLLOWER, Contact::FRIEND], 'self' => false]);
+		while ($contact = DBA::fetch($remote_contacts)) {
+			if (($contact['uid'] == 0) || Contact::isBlockedByUser($contact['id'], $contact['uid'])) {
+				continue;
+			}
+
+			$_SESSION['remote'][$contact['uid']] = $contact['id'];
+		}
+		DBA::close($remote_contacts);
+	}
+
+	/**
+	 * Returns if the current visitor is authenticated
+	 *
+	 * @return boolean "true" when visitor is either a local or remote user
+	 */
+	public static function isAuthenticated()
+	{
+		if (empty($_SESSION['authenticated'])) {
+			return false;
+		}
+
+		return $_SESSION['authenticated'];
+	}
 }