cache authentication for 1 hour, to not have to ask the backend again (eg. for LDAP or AD)

This commit is contained in:
ralf 2022-11-11 21:00:30 +01:00
parent ae961f208d
commit 2e12d92d51

View File

@ -303,7 +303,12 @@ class Auth
} }
/** /**
* password authentication against password stored in sql datababse * How long to cache authentication, before asking backend again
*/
const AUTH_CACHE_TIME = 3600;
/**
* Password authentication against authentication backend
* *
* @param string $username username of account to authenticate * @param string $username username of account to authenticate
* @param string $passwd corresponding password * @param string $passwd corresponding password
@ -311,8 +316,12 @@ class Auth
* @return boolean true if successful authenticated, false otherwise * @return boolean true if successful authenticated, false otherwise
*/ */
function authenticate($username, $passwd, $passwd_type='text') function authenticate($username, $passwd, $passwd_type='text')
{
return Cache::getCache($GLOBALS['egw_info']['server']['install_id'],
__CLASS__, sha1($username.':'.$passwd.':'.$passwd_type), function($username, $passwd, $passwd_type)
{ {
return $this->backend->authenticate($username, $passwd, $passwd_type); return $this->backend->authenticate($username, $passwd, $passwd_type);
}, [$username, $passwd, $passwd_type], self::AUTH_CACHE_TIME);
} }
/** /**
@ -345,6 +354,10 @@ class Auth
Accounts::cache_invalidate($account_id); Accounts::cache_invalidate($account_id);
self::changepwd($old_passwd, $new_passwd, $account_id); self::changepwd($old_passwd, $new_passwd, $account_id);
// unset (possibly) cached authentication
Cache::unsetCache($GLOBALS['egw_info']['server']['install_id'],
__CLASS__, sha1(Accounts::id2name($account_id).':'.$old_passwd.':text'));
} }
return $ret; return $ret;
} }