From 7c833abd4e60a8283a1dda53c41cf553bcca0553 Mon Sep 17 00:00:00 2001
From: Vladimir Panteleev
Date: Mon, 5 Mar 2018 19:47:53 +0000
Subject: [PATCH] Implement auto-passwords mode
This mode is automatically enabled iff:
- The password field is disabled
- Normal login is disabled
- Automatic login is enabled
In this mode, the login hash cookie acts as the only needed authentication. It is assigned automatically when the user posts something for the first time, and allows them to redact all comments made while still in possession of said cookie.
---
 hashover/backend/classes/commentparser.php | 7 ++---
 hashover/backend/classes/login.php | 12 +++++++--
 hashover/backend/classes/settings.php | 15 ++++++++++-
 hashover/backend/classes/writecomments.php | 30 ++++++++++++++--------
 4 files changed, 47 insertions(+), 17 deletions(-)
diff --git a/hashover/backend/classes/commentparser.php b/hashover/backend/classes/commentparser.php
index fc6a6b0c..c22b8bfa 100644
--- a/hashover/backend/classes/commentparser.php
+++ b/hashover/backend/classes/commentparser.php
@@ -146,9 +146,10 @@ public function parse (array $comment, $key, $key_parts, $popular = false)
 $output['user-owned'] = true;
 // Check if the comment is editable
-if (!empty ($comment['password'])) {
-$output['editable'] = true;
-}
+if ($this->setup->autoPasswords)
+$output['editable'] = $output['user-owned'];
+else
+$output['editable'] = !empty ($comment['password']);
 }
 }
diff --git a/hashover/backend/classes/login.php b/hashover/backend/classes/login.php
index b70564c5..7bb56fff 100644
--- a/hashover/backend/classes/login.php
+++ b/hashover/backend/classes/login.php
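Review bot: The new if/else in the commentparser hunk drops the braces the surrounding code uses (the removed lines were `if (...) {`), and both arms assign the same key, so a single conditional assignment keeps the file's style and reads more directly: `$output['editable'] = $this->setup->autoPasswords ? $output['user-owned'] : !empty ($comment['password']);`. Note that the preceding context line sets `$output['user-owned'] = true`, so inside this block `editable` is always `true` in auto-passwords mode; whether the enclosing condition is the login-hash match is inferred, since that condition starts outside the hunk. A one-line comment such as `// Auto-passwords mode: ownership (cookie match) is the only edit credential` on the assignment would record why the password check is bypassed. The beginning of parse is outside the hunk.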
@@ -83,8 +83,16 @@ public function prepareCredentials ()
 $password = $password ? $password : $random_password;
 }
-// Generate a RIPEMD-160 hash to indicate user login
-$this->loginMethod->loginHash = hash ('ripemd160', $name . $password);
+// Don't reset the login cookie in auto-passwords mode, as
+// that will effectively log the user out
+if ($this->setup->autoPasswords !== false
+&& !empty($this->loginMethod->loginHash)
+&& $this->cookies->getValue ('login') !== null) {
+$this->loginMethod->loginHash = $this->cookies->getValue ('login');
+} else {
+// Generate a RIPEMD-160 hash to indicate user login
+$this->loginMethod->loginHash = hash ('ripemd160', $name . $password);
+}
 // Set e-mail address
 if (isset ($this->postData['email'])) {
diff --git a/hashover/backend/classes/settings.php b/hashover/backend/classes/settings.php
index 04cce887..32d900a5 100644
--- a/hashover/backend/classes/settings.php
+++ b/hashover/backend/classes/settings.php
@@ -134,6 +134,7 @@ class Settings extends Secrets
 public $httpImages;
 public $cookieExpiration;
 public $domain;
+public $autoPasswords;
 public function __construct ()
 {
@@ -307,8 +308,20 @@ public function syncSettings ()
 $this->allowsLogin = false;
 }
+// Automatic passwords are enabled iff:
+// - The password field is disabled
+// - Normal login is disabled
+// - Automatic login is enabled
+// As there is no way to log in "normally", a random
+// password will be generated nd the user will be
+// logged in, allowing them to redact their comments
+// as long as the cookie lasts.
+$this->autoPasswords = $this->fieldOptions['password'] === false
+&& $this->allowsLogin === false
+&& $this->usesAutoLogin === true;
+
 // Disable autologin if login is disabled
-if ($this->allowsLogin === false) {
+if ($this->allowsLogin === false && $this->autoPasswords === false) {
 $this->usesAutoLogin = false;
 }
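Review bot: The cookie value copied verbatim into `$this->loginMethod->loginHash` becomes the only credential in auto-passwords mode, yet the new branch adopts it without checking its shape, and it is later compared against the stored `login_id` and presumably re-emitted by `setLogin ()`. Since the else branch always produces a 40-character lowercase hex RIPEMD-160 digest, the cookie branch can require the same form and read the cookie once: `$cookie_hash = $this->cookies->getValue ('login');` before the `if`, then `&& is_string ($cookie_hash) && preg_match ('/^[0-9a-f]{40}$/', $cookie_hash) === 1` in place of the `!== null` test, assigning `$cookie_hash` inside. The strength of the token ultimately rests on how `$random_password` is generated, which is above this hunk and not visible here. The condition also uses `autoPasswords !== false` where the other files in this commit use plain truthiness; one form throughout would be easier to grep. prepareCredentials starts and ends outside the hunk.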
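Review bot: The explanatory comment in the syncSettings hunk has a typo on the line `// password will be generated nd the user will be` ("nd" should be "and"). The evaluation order is also load-bearing and deserves a word: `$this->usesAutoLogin === true` is read before the "Disable autologin" block below can clear it, which is what lets auto-passwords keep autologin alive, so a line such as `// Must be evaluated before usesAutoLogin is cleared below` on the assignment would stop a future reorder from silently disabling the mode. The new `public $autoPasswords;` in the declaration hunk above could carry `// Derived in syncSettings () from fieldOptions, allowsLogin and usesAutoLogin` so readers do not look for it in the configuration. syncSettings continues outside the hunk.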
diff --git a/hashover/backend/classes/writecomments.php b/hashover/backend/classes/writecomments.php
index c3d1e389..0b21049a 100644
--- a/hashover/backend/classes/writecomments.php
+++ b/hashover/backend/classes/writecomments.php
@@ -277,7 +277,8 @@ public function login ($kickback = true)
 {
 try {
 // Log the user in
-if ($this->setup->allowsLogin !== false) {
+if ($this->setup->allowsLogin !== false
+|| $this->setup->autoPasswords !== false) {
 $this->login->setLogin ();
 }
@@ -333,18 +334,25 @@ protected function commentAuthentication ()
 return $auth;
 }
-// Check if we have both required passwords
-if (!empty ($this->postData['password'])
-and !empty ($auth['comment']['password']))
-{
-// If so, get the user input password
-$user_password = $this->encodeHTML ($this->postData['password']);
+// In auto-password mode, just verify the login-id
+if ($this->setup->autoPasswords) {
+$auth['user-owned'] = !empty($this->login->loginHash)
+&& !empty($auth['comment']['login_id'])
+&& $this->login->loginHash == $auth['comment']['login_id'];
+} else {
+// Check if we have both required passwords
+if (!empty ($this->postData['password'])
+and !empty ($auth['comment']['password']))
+{
+// If so, get the user input password
+$user_password = $this->encodeHTML ($this->postData['password']);
-// Get the comment password
-$comment_password = $auth['comment']['password'];
+// Get the comment password
+$comment_password = $auth['comment']['password'];
-// Attempt to compare the two passwords
-$auth['user-owned'] = $this->encryption->verifyHash ($user_password, $comment_password);
+// Attempt to compare the two passwords
+$auth['user-owned'] = $this->encryption->verifyHash ($user_password, $comment_password);
+}
 }
 // Set general authorization state
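Review bot: `$this->login->loginHash == $auth['comment']['login_id']` in the commentAuthentication hunk compares the sole credential of auto-passwords mode with loose `==`, which treats two numeric-looking hex strings (for example both beginning `0e` followed only by digits) as floats and can report equality for different digests; it is also not constant-time. Replace that clause with `hash_equals ((string) $auth['comment']['login_id'], (string) $this->login->loginHash)`, keeping the two `!empty` guards in front of it. The check presumes `login_id` was stored on the comment at write time, which is not part of this diff. The login hunk above in the same file is fine as written. commentAuthentication starts outside the hunk.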