Don't use user/password cache from the login page

The idea is to always use memcached for credentials to avoid hitting the authentication backend on every click but to check with the auth backend for every login requests. This should fix #2169 While there, fix whitespace (killtab)
2026-03-06 15:46:23 +00:00 · 2013-02-01 18:35:10 -05:00
parent 488a76c5e3
commit 451c82c815
4 changed files with 72 additions and 21 deletions
--- a/SoObjects/SOGo/SOGoUserManager.h
+++ b/SoObjects/SOGo/SOGoUserManager.h
@@ -82,11 +82,19 @@
 - (NSString *) getLoginForDN: (NSString *) theDN;

 - (BOOL) checkLogin: (NSString *) _login
-	   password: (NSString *) _pwd
+           password: (NSString *) _pwd
             domain: (NSString **) _domain
-	       perr: (SOGoPasswordPolicyError *) _perr
-	     expire: (int *) _expire
-	      grace: (int *) _grace;
+               perr: (SOGoPasswordPolicyError *) _perr
+             expire: (int *) _expire
+              grace: (int *) _grace;
+
+- (BOOL) checkLogin: (NSString *) _login
+           password: (NSString *) _pwd
+             domain: (NSString **) _domain
+               perr: (SOGoPasswordPolicyError *) _perr
+             expire: (int *) _expire
+              grace: (int *) _grace
+           useCache: (BOOL) _useCache;

 - (BOOL) changePasswordForLogin: (NSString *) login
                       inDomain: (NSString *) domain
--- a/SoObjects/SOGo/SOGoUserManager.m
+++ b/SoObjects/SOGo/SOGoUserManager.m
@@ -448,11 +448,28 @@ static Class NSNullK;
 }

 - (BOOL) checkLogin: (NSString *) _login
-	   password: (NSString *) _pwd
+           password: (NSString *) _pwd
             domain: (NSString **) _domain
-	       perr: (SOGoPasswordPolicyError *) _perr
-	     expire: (int *) _expire
-	      grace: (int *) _grace
+               perr: (SOGoPasswordPolicyError *) _perr
+             expire: (int *) _expire
+              grace: (int *) _grace
+{
+  return [self checkLogin: _login
+                   password: _pwd
+                   domain: _domain
+                   perr: _perr
+                   expire: _expire
+                   grace: _grace
+                   useCache: YES];
+}
+
+- (BOOL) checkLogin: (NSString *) _login
+           password: (NSString *) _pwd
+             domain: (NSString **) _domain
+               perr: (SOGoPasswordPolicyError *) _perr
+             expire: (int *) _expire
+              grace: (int *) _grace
+           useCache: (BOOL) useCache
 {
  NSString *dictPassword, *username, *jsonUser;
  NSMutableDictionary *currentUser;
@@ -468,7 +485,7 @@ static Class NSNullK;
  jsonUser = [[SOGoCache sharedCache] userAttributesForLogin: username];
  currentUser = [jsonUser objectFromJSONString];
  dictPassword = [currentUser objectForKey: @"password"];
-  if (currentUser && dictPassword)
+  if (useCache && currentUser && dictPassword)
    {
      checkOK = ([dictPassword isEqualToString: [_pwd asSHA1String]]);
      //NSLog(@"Password cache hit for user %@", _login);
@@ -482,9 +499,9 @@ static Class NSNullK;
    {
      checkOK = YES;
      if (!currentUser)
-	{
-	  currentUser = [NSMutableDictionary dictionary];
-	}
+        {
+          currentUser = [NSMutableDictionary dictionary];
+        }

      // It's important to cache the password here as we might have cached the
      // user's entry in -contactInfosForUserWithUIDorEmail: and if we don't
--- a/SoObjects/SOGo/SOGoWebAuthenticator.h
+++ b/SoObjects/SOGo/SOGoWebAuthenticator.h
@@ -42,11 +42,19 @@
 + (id) sharedSOGoWebAuthenticator;

 - (BOOL) checkLogin: (NSString *) _login
-	   password: (NSString *) _pwd
+           password: (NSString *) _pwd
             domain: (NSString **) _domain
-	       perr: (SOGoPasswordPolicyError *) _perr
-	     expire: (int *) _expire
-	      grace: (int *) _grace;
+               perr: (SOGoPasswordPolicyError *) _perr
+             expire: (int *) _expire
+              grace: (int *) _grace;
+
+- (BOOL) checkLogin: (NSString *) _login
+           password: (NSString *) _pwd
+             domain: (NSString **) _domain
+               perr: (SOGoPasswordPolicyError *) _perr
+             expire: (int *) _expire
+              grace: (int *) _grace
+           useCache: (BOOL) useCache;

 - (WOCookie *) cookieWithUsername: (NSString *) username
                      andPassword: (NSString *) password
--- a/SoObjects/SOGo/SOGoWebAuthenticator.m
+++ b/SoObjects/SOGo/SOGoWebAuthenticator.m
@@ -104,11 +104,28 @@
 }

 - (BOOL) checkLogin: (NSString *) _login
-	   password: (NSString *) _pwd
+           password: (NSString *) _pwd
             domain: (NSString **) _domain
-	       perr: (SOGoPasswordPolicyError *) _perr
-	     expire: (int *) _expire
-	      grace: (int *) _grace
+               perr: (SOGoPasswordPolicyError *) _perr
+             expire: (int *) _expire
+              grace: (int *) _grace
+{
+  return [self checkLogin: _login
+                 password: _pwd
+                   domain: _domain
+                     perr: _perr
+                   expire: _expire
+                    grace: _grace
+                 useCache: YES];
+}
+
+- (BOOL) checkLogin: (NSString *) _login
+           password: (NSString *) _pwd
+             domain: (NSString **) _domain
+               perr: (SOGoPasswordPolicyError *) _perr
+             expire: (int *) _expire
+              grace: (int *) _grace
+           useCache: (BOOL) _useCache
 {
  SOGoCASSession *session;
  SOGoSystemDefaults *sd;
@@ -144,7 +161,8 @@
                                                  domain: _domain
                                                    perr: _perr
                                                  expire: _expire
-                                                   grace: _grace];
+                                                   grace: _grace
+                                                   useCache: _useCache];
  
  //[self logWithFormat: @"Checked login with ppolicy enabled: %d %d %d", *_perr, *_expire, *_grace];