[TYPO3-core] State of TYPO3 OpenID
Dmitry Dulepov
dmitry.dulepov at gmail.com
Wed Jul 10 16:41:19 CEST 2013
Hi!
Christian Weiske wrote:
> This code checks if the sanitized OpenID identifier given by the user
> in the login form equals the OpenID in his database record. This means
> that it is not possible to login with an endpoint URL.
When the code was developed, it was a requirement that the openid url must
match the url in the user record. This is why this check exists.
> And yes, I move the code up in the file - this has the effect that the
> checks are done later, after the OpenID login process happened.
The check you moved is the check that the login is in progress. If not, it
returns. Basically you did an early return, thatš all. I do not see how
this changes the functionality. May be, there is a hidden magic somewhere
there? :) Or, may be, I should just try it in the debugger.
--
Dmitry Dulepov
More information about the TYPO3-team-core
mailing list