modified loginPrivateKey to only authenticate with privatekey

src/SemanticScuttle/Service/User.php

@@ -585,16 +585,14 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
     }
 
     /**
-     * Try to authenticate and login a user with
+     * Try to authenticate via the privatekey
-     * username and privatekey.
      *
-     * @param string $username   Name of User
      * @param string $privatekey Private Key
      *
      * @return boolean true if the user could be authenticated,
      *                 false if not.
      */
-    public function loginPrivateKey($username, $privatekey)
+    public function loginPrivateKey($privatekey)
     {
         /* Check if private key valid and enabled */
         if (!$this->isPrivateKeyValid($privatekey)) {
@@ -603,8 +601,6 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
 
         $query = 'SELECT '. $this->getFieldName('primary') .' FROM '
             . $this->getTableName() .' WHERE '
-            . $this->getFieldName('username') .' = "'
-            . $this->db->sql_escape($username) .'" AND '
             . $this->getFieldName('privatekey') .' = "'
             . $this->db->sql_escape($privatekey) .'"';
 

tests/BookmarkTest.php

@@ -1384,7 +1384,7 @@ class BookmarkTest extends TestBase
         $b2 = $bookmarks['bookmarks'][0];
         $this->assertEquals('title', $b2['bTitle']);
         // there should be no second record
-        $this->assertEquals(count($bookmarks['bookmarks']),1);
+        $this->assertEquals(1,count($bookmarks['bookmarks']));
 
     }
 

tests/UserTest.php

@@ -452,9 +452,9 @@ class UserTest extends TestBase
         $randKey2 = '-'.$this->us->getNewPrivateKey();
         $uid2 = $this->addUser('seconduser', 'passw0RD', $randKey2);
 
-        /* test invalid credentials - both invalid login and key */
+        /* test invalid private key */
         $this->assertFalse(
-            $this->us->loginPrivateKey('userdoesnot', '02848248084082408240824802408248')
+            $this->us->loginPrivateKey('02848248084082408240824802408248')
         );
     }
 
@@ -470,7 +470,7 @@ class UserTest extends TestBase
 
         /* test valid credentials with private key enabled */
         $this->assertTrue(
-            $this->us->loginPrivateKey('testusername', $randKey)
+            $this->us->loginPrivateKey($randKey)
         );
     }
 
@@ -486,7 +486,7 @@ class UserTest extends TestBase
 
         /* test valid credentials with private key enabled but invalid key */
         $this->assertFalse(
-            $this->us->loginPrivateKey('testusername', '123')
+            $this->us->loginPrivateKey('123')
         );
     }
 
@@ -507,7 +507,7 @@ class UserTest extends TestBase
 
         /* test valid credentials with private key disabled */
         $this->assertFalse(
-            $this->us->loginPrivateKey('seconduser', $randKey2)
+            $this->us->loginPrivateKey($randKey2)
         );
     }
 
@@ -523,10 +523,10 @@ class UserTest extends TestBase
 
         /* test valid credentials with private key disabled and invalid key */
         $this->assertFalse(
-            $this->us->loginPrivateKey('seconduser', '-1')
+            $this->us->loginPrivateKey('-1')
         );
         $this->assertFalse(
-            $this->us->loginPrivateKey('seconduser', null)
+            $this->us->loginPrivateKey(null)
         );
     }
 

www/rss.php

@@ -86,7 +86,7 @@ if ($user && $user != 'all') {
             /* if user is not logged in and has valid privatekey */
             if (!$userservice->isLoggedOn()) {
                 if ($privatekey != null) {
-                    if ($userservice->loginPrivateKey($user, $privatekey)) {
+                    if ($userservice->loginPrivateKey($privatekey)) {
                         $isTempLogin = true;
                     } else {
                         $tplVars['error'] = sprintf(T_('Failed to Autenticate User with username %s using private key'), $user);