aaa
This commit is contained in:
parent
137b39af20
commit
9c5231c298
3 changed files with 27 additions and 14 deletions
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -1 +1,2 @@
|
|||
data
|
||||
conf/ldap/ldap.env
|
||||
|
|
|
@ -2,6 +2,27 @@
|
|||
|
||||
$keys = array();
|
||||
|
||||
function get_cookie() {
|
||||
$cookie_name = 'X-LDAP-Auth-Key';
|
||||
if(isset($_COOKIE[$cookie_name])) {
|
||||
return $_COOKIE[$cookie_name];
|
||||
} else {
|
||||
return FALSE;
|
||||
}
|
||||
}
|
||||
|
||||
function store_cookie($key) {
|
||||
$cookie_name = 'X-LDAP-Auth-Key';
|
||||
setcookie(
|
||||
$cookie_name,
|
||||
$key,
|
||||
time() + (86400 * 30),
|
||||
"/",
|
||||
TRUE,
|
||||
TRUE
|
||||
);
|
||||
}
|
||||
|
||||
function load_key($key) {
|
||||
$file = "/tmp/$key";
|
||||
if (!file_exists($file))
|
||||
|
@ -34,10 +55,10 @@ function get_random($n)
|
|||
}
|
||||
|
||||
function key_auth() {
|
||||
if (!isset($_SESSION['auth'])) {
|
||||
$key = get_cookie();
|
||||
if ($key === FALSE) {
|
||||
return FALSE;
|
||||
}
|
||||
$key = $_SESSION['auth'];
|
||||
$data = load_key($key);
|
||||
if ($data === FALSE) {
|
||||
return FALSE;
|
||||
|
@ -55,5 +76,5 @@ function key_auth() {
|
|||
function key_new($user) {
|
||||
$key = get_random(128);
|
||||
store_key($key, $user);
|
||||
$_SESSION['auth'] = $key;
|
||||
store_cookie($key);
|
||||
}
|
||||
|
|
|
@ -10,15 +10,6 @@ require($webroot . '/helpers/ldap.php');
|
|||
require($webroot . '/helpers/auth.php');
|
||||
|
||||
// start session
|
||||
session_set_cookie_params(
|
||||
60 * 60 * 24, // lifetime (seconds),
|
||||
'/', // path
|
||||
NULL, // domain,
|
||||
TRUE, // secure,
|
||||
TRUE // http only
|
||||
);
|
||||
session_start();
|
||||
|
||||
function page($file, $data = array()) {
|
||||
extract($data);
|
||||
$webroot = $GLOBALS['webroot'];
|
||||
|
@ -56,8 +47,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|||
if ($_SERVER['REQUEST_URI'] !== '/login') {
|
||||
// we are being forwarded authed
|
||||
// redirect
|
||||
http_response_code(301);
|
||||
header("Location: https://$env/login");
|
||||
http_response_code(303);
|
||||
header("Location: http://$env/login");
|
||||
} else {
|
||||
page('login', array(
|
||||
'title' => 'Login'
|
||||
|
|
Loading…
Reference in a new issue