From 2e12d92d5120c2255cc6c2a937c67cd3d3f17920 Mon Sep 17 00:00:00 2001 From: ralf Date: Fri, 11 Nov 2022 21:00:30 +0100 Subject: [PATCH] cache authentication for 1 hour, to not have to ask the backend again (eg. for LDAP or AD) --- api/src/Auth.php | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/api/src/Auth.php b/api/src/Auth.php index 74a086de23..28010b4a22 100644 --- a/api/src/Auth.php +++ b/api/src/Auth.php @@ -303,7 +303,12 @@ class Auth } /** - * password authentication against password stored in sql datababse + * How long to cache authentication, before asking backend again + */ + const AUTH_CACHE_TIME = 3600; + + /** + * Password authentication against authentication backend * * @param string $username username of account to authenticate * @param string $passwd corresponding password @@ -312,7 +317,11 @@ class Auth */ function authenticate($username, $passwd, $passwd_type='text') { - return $this->backend->authenticate($username, $passwd, $passwd_type); + return Cache::getCache($GLOBALS['egw_info']['server']['install_id'], + __CLASS__, sha1($username.':'.$passwd.':'.$passwd_type), function($username, $passwd, $passwd_type) + { + return $this->backend->authenticate($username, $passwd, $passwd_type); + }, [$username, $passwd, $passwd_type], self::AUTH_CACHE_TIME); } /** @@ -345,6 +354,10 @@ class Auth Accounts::cache_invalidate($account_id); self::changepwd($old_passwd, $new_passwd, $account_id); + + // unset (possibly) cached authentication + Cache::unsetCache($GLOBALS['egw_info']['server']['install_id'], + __CLASS__, sha1(Accounts::id2name($account_id).':'.$old_passwd.':text')); } return $ret; } @@ -892,4 +905,4 @@ class Auth return strcmp($md5_hmac,$db_val) == 0; } -} +} \ No newline at end of file