Merge pull request #5946 from JonnyTischbein/move_include_security

Move and Split include/security

src/Module/Login.php

@@ -7,6 +7,7 @@ namespace Friendica\Module;
 use Exception;
 use Friendica\BaseModule;
 use Friendica\Core\Addon;
+use Friendica\Core\Authentication;
 use Friendica\Core\Config;
 use Friendica\Core\L10n;
 use Friendica\Database\DBA;
@@ -16,7 +17,6 @@ use Friendica\Util\Network;
 use LightOpenID;
 
 require_once 'boot.php';
-require_once 'include/security.php';
 require_once 'include/text.php';
 
 /**
@@ -148,13 +148,13 @@ class Login extends BaseModule
 		}
 
 		if (!$remember) {
-			new_cookie(0); // 0 means delete on browser exit
+			Authentication::setCookie(0); // 0 means delete on browser exit
 		}
 
 		// if we haven't failed up this point, log them in.
 		$_SESSION['remember'] = $remember;
 		$_SESSION['last_login_date'] = DateTimeFormat::utcNow();
-		authenticate_success($record, true, true);
+		Authentication::setAuthenticatedSessionForUser($record, true, true);
 
 		if (x($_SESSION, 'return_url')) {
 			$return_url = $_SESSION['return_url'];
@@ -188,9 +188,9 @@ class Login extends BaseModule
 					]
 				);
 				if (DBA::isResult($user)) {
-					if ($data->hash != cookie_hash($user)) {
+					if ($data->hash != Authentication::getCookieHashForUser($user)) {
 						logger("Hash for user " . $data->uid . " doesn't fit.");
-						nuke_session();
+						Authentication::deleteSession();
 						goaway(self::getApp()->getBaseURL());
 					}
 
@@ -198,11 +198,11 @@ class Login extends BaseModule
 					// Expires after 7 days by default,
 					// can be set via system.auth_cookie_lifetime
 					$authcookiedays = Config::get('system', 'auth_cookie_lifetime', 7);
-					new_cookie($authcookiedays * 24 * 60 * 60, $user);
+					Authentication::setCookie($authcookiedays * 24 * 60 * 60, $user);
 
 					// Do the authentification if not done by now
 					if (!isset($_SESSION) || !isset($_SESSION['authenticated'])) {
-						authenticate_success($user);
+						Authentication::setAuthenticatedSessionForUser($user);
 
 						if (Config::get('system', 'paranoia')) {
 							$_SESSION['addr'] = $data->ip;
@@ -227,7 +227,7 @@ class Login extends BaseModule
 				if ($check && ($_SESSION['addr'] != $_SERVER['REMOTE_ADDR'])) {
 					logger('Session address changed. Paranoid setting in effect, blocking session. ' .
 						$_SESSION['addr'] . ' != ' . $_SERVER['REMOTE_ADDR']);
-					nuke_session();
+					Authentication::deleteSession();
 					goaway(self::getApp()->getBaseURL());
 				}
 
@@ -241,7 +241,7 @@ class Login extends BaseModule
 					]
 				);
 				if (!DBA::isResult($user)) {
-					nuke_session();
+					Authentication::deleteSession();
 					goaway(self::getApp()->getBaseURL());
 				}
 
@@ -255,7 +255,7 @@ class Login extends BaseModule
 					$_SESSION['last_login_date'] = DateTimeFormat::utcNow();
 					$login_refresh = true;
 				}
-				authenticate_success($user, false, false, $login_refresh);
+				Authentication::setAuthenticatedSessionForUser($user, false, false, $login_refresh);
 			}
 		}
 	}

src/Module/Logout.php

@@ -6,10 +6,10 @@ namespace Friendica\Module;
 
 use Friendica\BaseModule;
 use Friendica\Core\Addon;
+use Friendica\Core\Authentication;
 use Friendica\Core\L10n;
 
 require_once 'boot.php';
-require_once 'include/security.php';
 
 /**
  * Logout module
@@ -24,7 +24,7 @@ class Logout extends BaseModule
 	public static function init()
 	{
 		Addon::callHooks("logging_out");
-		nuke_session();
+		Authentication::deleteSession();
 		info(L10n::t('Logged out.') . EOL);
 		goaway(self::getApp()->getBaseURL());
 	}

src/Module/Proxy.php

@@ -17,8 +17,6 @@ use Friendica\Util\DateTimeFormat;
 use Friendica\Util\Network;
 use Friendica\Util\Proxy as ProxyUtils;
 
-require_once 'include/security.php';
-
 /**
  * @brief Module Proxy
  */