get user from session

ylebre · ylebre · commit df1197c34d71 · 2025-07-07T15:46:32.000+02:00
diff --git a/lib/Session.php b/lib/Session.php
@@ -7,14 +7,14 @@ public static function start($username) {
 			session_start([
 				'cookie_lifetime' => 24*60*60 // 1 day
 			]);
-			$_SESSION['username'] = $email;
+			$_SESSION['username'] = $username;
 		}
 		
 		public static function getLoggedInUser() {
 			session_start();
 			if (!isset($_SESSION['username'])) {
 				return false;
 			}
-			return self::getUser($_SESSION['username']);
+			return $_SESSION['username'];
 		}
 	}
diff --git a/lib/User.php b/lib/User.php
@@ -187,6 +187,9 @@ public static function setStorage($userId, $storageUrl) {
 		}
 
 		public static function getUser($email) {
+			if (!isset($email)) {
+				return false;
+			}
 			Db::connect();
 			$query = Db::$pdo->prepare(
 				'SELECT user_id, data FROM users WHERE email=:email'
diff --git a/www/idp/index.php b/www/idp/index.php
@@ -37,7 +37,7 @@
 				break;
 				case "/authorize":
 				case "/authorize/":
-					$user = Session::getLoggedInUser();
+					$user = User::getUser(Session::getLoggedInUser());
 					if (!$user) {
 						header("Location: /login/?redirect_uri=" . urlencode($_SERVER['REQUEST_URI']));
 						exit();
@@ -125,7 +125,7 @@
 				break;
 				case "/dashboard":
 				case "/dashboard/":
-					$user = Session::getLoggedInUser();
+					$user = User::getUser(Session::getLoggedInUser());
 					if (!$user) {
 						header("Location: /login/");
 						exit();
@@ -134,7 +134,7 @@
 				break;
 				case "/logout":
 				case "/logout/":
-					$user = Session::getLoggedInUser();
+					$user = User::getUser(Session::getLoggedInUser());
 					if ($user) {
 						session_destroy();
 					}
@@ -162,7 +162,7 @@
 				break;
 				case "/sharing":
 				case "/sharing/":
-					$user = Session::getLoggedInUser();
+					$user = User::getUser(Session::getLoggedInUser());
 					if (!$user) {
 						header("Location: /login/");
 						exit();
@@ -368,7 +368,7 @@
 				break;
 				case "/api/sharing":
 				case "/api/sharing/":
-					$user = Session::getLoggedInUser();
+					$user = User::getUser(Session::getLoggedInUser());
 					if (!$user) {
 						header("HTTP/1.1 400 Bad request");
 					} else {

Original file line number	Diff line number	Diff line change
`@@ -7,14 +7,14 @@ public static function start($username) {`
`7`	`7`	`session_start([`
`8`	`8`	`'cookie_lifetime' => 246060 // 1 day`
`9`	`9`	`]);`
`10`		`- $_SESSION['username'] = $email;`
	`10`	`+ $_SESSION['username'] = $username;`
`11`	`11`	`}`
`12`	`12`
`13`	`13`	`public static function getLoggedInUser() {`
`14`	`14`	`session_start();`
`15`	`15`	`if (!isset($_SESSION['username'])) {`
`16`	`16`	`return false;`
`17`	`17`	`}`
`18`		`- return self::getUser($_SESSION['username']);`
	`18`	`+ return $_SESSION['username'];`
`19`	`19`	`}`
`20`	`20`	`}`
Original file line number	Diff line number	Diff line change
`@@ -187,6 +187,9 @@ public static function setStorage($userId, $storageUrl) {`
`187`	`187`	`}`
`188`	`188`
`189`	`189`	`public static function getUser($email) {`
	`190`	`+ if (!isset($email)) {`
	`191`	`+ return false;`
	`192`	`+ }`
`190`	`193`	`Db::connect();`
`191`	`194`	`$query = Db::$pdo->prepare(`
`192`	`195`	`'SELECT user_id, data FROM users WHERE email=:email'`