use cache functions from ltb-common (#979)

htdocs/index.php

@@ -15,9 +15,6 @@
 #==============================================================================
 require_once("../vendor/autoload.php");
 require_once("../lib/functions.inc.php");
-require_once(__DIR__."/../lib/cache.php");
-
-use Symfony\Component\Cache\Adapter\FilesystemAdapter;
 
 #==============================================================================
 # VARIABLES
@@ -125,12 +122,7 @@
 #==============================================================================
 # Cache Config
 #==============================================================================
-$sspCache = new FilesystemAdapter(
-    $namespace = 'sspCache',
-    $defaultLifetime = 0,
-    $directory = null
-);
-$sspCache->prune();
+$sspCache = new \Ltb\Cache( 'sspCache', 0, null );
 
 #==============================================================================
 # Captcha Config

htdocs/resetbytoken.php

@@ -54,9 +54,8 @@
 
     # select token in the cache
     # will gather login,time and smstoken values from session.
-    $cached_token = $sspCache->getItem($tokenid);
-    $cached_token_content = $cached_token->get();
-    if($cached_token->isHit())
+    $cached_token_content = $sspCache->get_token($tokenid);
+    if($cached_token_content)
     {
         $login = $cached_token_content['login'];
     }
@@ -178,7 +177,7 @@
 
 # Delete token if all is ok
 if ( $result === "passwordchanged" ) {
-    $sspCache->deleteItem($tokenid);
+    $sspCache->cache->deleteItem($tokenid);
 }
 
 #==============================================================================

htdocs/sendsms.php

@@ -72,7 +72,7 @@
         if ((!$login) and (!$phone)){
             if(!$sms_use_ldap)
             {
-                $formtoken = generate_form_token($sspCache, $cache_form_expiration);
+                $formtoken = $sspCache->generate_form_token($cache_form_expiration);
             }
             $result = "emptysendsmsform";
         }
@@ -88,10 +88,9 @@
         $tokenid = decrypt($token, $keyphrase);
 
         # Get session from cache
-        $cached_token = $sspCache->getItem($tokenid);
-        $cached_token_content = $cached_token->get();
+        $cached_token_content = $sspCache->get_token($tokenid);
 
-        if($cached_token->isHit())
+        if($cached_token_content)
         {
             $login        = $cached_token_content['login'];
             $sessiontoken = $cached_token_content['smstoken'];
@@ -109,8 +108,7 @@
             # To have only x tries and not x+1 tries
             if ($attempts < ($sms_max_attempts_token - 1)) {
                 $cached_token_content['attempts'] = $attempts + 1;
-                $cached_token->set($cached_token_content);
-                $sspCache->save($cached_token);
+                $sspCache->save_token($cached_token_content, $tokenid);
                 $result = "tokenattempts";
                 error_log("SMS token $smstoken not valid, attempt $attempts");
             } else {
@@ -126,11 +124,11 @@
         }
         if ( $result === "tokennotvalid" ) {
             # Remove token
-            $sspCache->deleteItem($tokenid);
+            $sspCache->cache->deleteItem($tokenid);
         }
         if ( $result === "" ) {
             # Remove token
-            $sspCache->deleteItem($tokenid);
+            $sspCache->cache->deleteItem($tokenid);
             $result = "buildtoken";
         }
     } elseif (isset($_REQUEST["encrypted_sms_login"])) {
@@ -149,7 +147,7 @@
     }else{
         if(!$sms_use_ldap)
         {
-            $formtoken = generate_form_token($sspCache, $cache_form_expiration);
+            $formtoken = $sspCache->generate_form_token($cache_form_expiration);
         }
         $result = "emptysendsmsform";
     }
@@ -195,7 +193,7 @@
                 $smsdisplay = substr_replace($sms, '****', 4 , 4);
             }
 
-            $formtoken = generate_form_token($sspCache, $cache_form_expiration);
+            $formtoken = $sspCache->generate_form_token($cache_form_expiration);
 
             $result = "smsuserfound";
         }
@@ -213,7 +211,7 @@
 #==============================================================================
 if ($result === "sendsms") {
     $formtoken = strval($_REQUEST["formtoken"]);
-    $formtoken_result = verify_form_token($sspCache, $formtoken);
+    $formtoken_result = $sspCache->verify_form_token($formtoken);
     if($formtoken_result == "invalidformtoken")
     {
         $result = $formtoken_result;
@@ -227,18 +225,17 @@
 
     # Generate sms token
     $smstoken = generate_sms_token($sms_token_length);
-    # Create temporary session to avoid token replay
-    $smstoken_session_id = hash('sha256', bin2hex(random_bytes(16)));
-    $smscached_token = $sspCache->getItem($smstoken_session_id);
-    $smscached_token->set([
-                           'login' => $login,
-                           'smstoken' => $smstoken,
-                           'time' => time(),
-                           'attempts' => 0
-                         ]);
-    $smscached_token->expiresAfter($cache_token_expiration);
-    $sspCache->save($smscached_token);
-    error_log("generated cache entry with id: " . $smstoken_session_id. " for storing step 'send sms' of password reset by sms workflow, valid for $cache_token_expiration s");
+
+    $smstoken_session_id = $sspCache->save_token(
+                               [
+                                 'login' => $login,
+                                 'smstoken' => $smstoken,
+                                 'time' => time(),
+                                 'attempts' => 0
+                               ],
+                               null,
+                               $cache_token_expiration
+                           );
 
     $data = array( "sms_attribute" => $sms, "smsresetmessage" => $messages['smsresetmessage'], "smstoken" => $smstoken) ;
 
@@ -291,16 +288,15 @@
 #==============================================================================
 if ($result === "buildtoken") {
 
-    $smstoken_session_id = hash('sha256', bin2hex(random_bytes(16)));
-    $smscached_token = $sspCache->getItem($smstoken_session_id);
-    $smscached_token->set([
-                           'login' => $login,
-                           'time' => time(),
-                           'smstoken' => $smstoken
-                         ]);
-    $smscached_token->expiresAfter($cache_form_expiration);
-    $sspCache->save($smscached_token);
-    error_log("generated cache entry with id: " . $smstoken_session_id. " for storing step 'password change' of password reset by sms workflow, valid for $cache_form_expiration s");
+    $smstoken_session_id = $sspCache->save_token(
+                               [
+                                   'login' => $login,
+                                   'time' => time(),
+                                   'smstoken' => $smstoken
+                               ],
+                               null,
+                               $cache_form_expiration
+                           );
 
     $token = encrypt($smstoken_session_id, $keyphrase);
 

htdocs/sendtoken.php

@@ -57,7 +57,7 @@
 
     $result = "emptysendtokenform";
 
-    $formtoken = generate_form_token($sspCache, $cache_form_expiration);
+    $formtoken = $sspCache->generate_form_token($cache_form_expiration);
 }
 
 # Check the entered username for characters that our installation doesn't support
@@ -71,7 +71,7 @@
 
 if ( !$result ) {
     $formtoken = strval($_REQUEST["formtoken"]);
-    $result = verify_form_token($sspCache, $formtoken);
+    $result = $sspCache->verify_form_token($formtoken);
 }
 
 #==============================================================================
@@ -167,20 +167,19 @@
 if ( !$result ) {
 
     # Use cache to register token sent by mail
-    $token_session_id = hash('sha256', bin2hex(random_bytes(16)));
+    $token_session_id = $sspCache->save_token(
+                            [
+                                'login' => $login,
+                                'time' => time()
+                            ],
+                            null,
+                            $cache_token_expiration
+                        );
     if ( $crypt_tokens ) {
         $token = encrypt($token_session_id, $keyphrase);
     } else {
         $token = $token_session_id();
     }
-    $cached_token = $sspCache->getItem($token_session_id);
-    $cached_token->set([
-                         'login' => $login,
-                         'time' => time()
-                       ]);
-    $cached_token->expiresAfter($cache_token_expiration);
-    $sspCache->save($cached_token);
-    error_log("generated cache entry with id: " . $token_session_id. " for storing password reset by mail workflow, valid for $cache_token_expiration s");
 }