freya/ldap_forwardauth
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add logout, better router

Browse source
This commit is contained in:
Murphy 2024-05-31 19:10:47 -04:00
parent 39bcb09a36
commit 2e726ac423
Signed by: freya
GPG key ID: 744AB800E383AE52
2 changed files with 61 additions and 36 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
src/web/helpers/auth.php
View file

@ -34,6 +34,11 @@ class AuthHelper {
file_put_contents($path, $data, LOCK_EX);
}
public function delete_session(Session $session): int {
$path = "/tmp/{$session->token}";
return unlink($path) ? 0 : 1;
}
/**
* Loads the auth session associated with a specific key
* @param string $token - the session $key

92
src/web/router.php
View file

@ -50,10 +50,9 @@ class Router {
* Gets the HTTP request information
*/
private function get_req(): array {
return array(
'path' => $_SERVER['REQUEST_URI'],
'method' => $_SERVER['REQUEST_METHOD'],
);
$path = $_SERVER['REQUEST_URI'];
$method = $_SERVER['REQUEST_METHOD'];
return [$method, $path];
}
/**
@ -85,14 +84,14 @@ class Router {
$info = $this->get_post_info('username', 'password');
if ($info == NULL) {
http_response_code(400);
$this->send_message('Bad Requet', 'Credentials were not supplied');
$this->send_message('400', 'Credentials were not supplied');
return;
}
$user = $this->ldap->search($info['username']);
if ($user == NULL || !count($user)) {
http_response_code(400);
$this->send_message('Bad Requst', 'User does not exist');
$this->send_message('Error', 'User does not exist');
return;
}
@ -103,7 +102,7 @@ class Router {
$info['password']
)) {
http_response_code(400);
$this->send_message('Bad Requst', 'Invalid Credentials');
$this->send_message('Error', 'Invalid Credentials');
return;
}
@ -114,41 +113,62 @@ class Router {
$this->send_message('Success', 'Authenticated. You can now go back to your content');
}
/**
* Handles the HTTP request
* @param array<string,string> $req
*/
private function handle_req(array $req): void {
if ($req['method'] == 'POST') {
$this->handle_login();
return;
}
private function handle_logout(): void {
$session = $this->auth->get_session();
if ($session == NULL) {
// user is NOT authenticated
if ($req['path'] == '/login') {
// user is requesting login page
http_response_code(200);
$this->send_page('login', array(
'title' => 'Login'
));
} else {
// user is trying to forward auth
// redirect them to login
http_response_code(303);
header("Location: http://{$this->domain}/login");
}
} else {
// user is authenticated
$session->reset_expiry();
$session->write_headers();
$this->auth->save_session($session);
http_response_code(303);
header("Location: http://{$this->domain}/login");
return;
}
if ($this->auth->delete_session($session)) {
http_response_code(500);
$this->send_message('Error',
'Could not log out.');
return;
}
http_response_code(200);
$this->send_message('Logged Out',
'You have been logged out successfully.');
}
private function handle_auth(): void {
$session = $this->auth->get_session();
if ($session == NULL) {
// redirect them to login
http_response_code(303);
header("Location: http://{$this->domain}/login");
} else {
// update session expiry
$session->reset_expiry();
$this->auth->save_session($session);
// send auth info
http_response_code(200);
$session->write_headers();
$this->send_message('Authenticated',
'You are already logged in.<br><br><a href="logout">Log Out</a>');
}
}
private function page_login(): void {
http_response_code(200);
$this->send_page('login', array(
'title' => 'Login'
));
}
private function page_not_found(): void {
http_response_code(404);
$this->send_message('404', 'Not Found');
}
public function handle(): void {
$req = $this->get_req();
$this->handle_req($req);
match ($this->get_req()) {
['GET', '/'] => $this->handle_auth(),
['GET', '/login'] => $this->page_login(),
['POST', '/login'] => $this->handle_login(),
['GET', '/logout'] => $this->handle_logout(),
_ => $this->page_not_found()
};
}
}