This commit is contained in:
Freya Murphy 2024-05-27 11:39:53 -04:00
parent 137b39af20
commit 9c5231c298
Signed by: freya
GPG key ID: 744AB800E383AE52
3 changed files with 27 additions and 14 deletions

1
.gitignore vendored
View file

@ -1 +1,2 @@
data data
conf/ldap/ldap.env

View file

@ -2,6 +2,27 @@
$keys = array(); $keys = array();
function get_cookie() {
$cookie_name = 'X-LDAP-Auth-Key';
if(isset($_COOKIE[$cookie_name])) {
return $_COOKIE[$cookie_name];
} else {
return FALSE;
}
}
function store_cookie($key) {
$cookie_name = 'X-LDAP-Auth-Key';
setcookie(
$cookie_name,
$key,
time() + (86400 * 30),
"/",
TRUE,
TRUE
);
}
function load_key($key) { function load_key($key) {
$file = "/tmp/$key"; $file = "/tmp/$key";
if (!file_exists($file)) if (!file_exists($file))
@ -34,10 +55,10 @@ function get_random($n)
} }
function key_auth() { function key_auth() {
if (!isset($_SESSION['auth'])) { $key = get_cookie();
if ($key === FALSE) {
return FALSE; return FALSE;
} }
$key = $_SESSION['auth'];
$data = load_key($key); $data = load_key($key);
if ($data === FALSE) { if ($data === FALSE) {
return FALSE; return FALSE;
@ -55,5 +76,5 @@ function key_auth() {
function key_new($user) { function key_new($user) {
$key = get_random(128); $key = get_random(128);
store_key($key, $user); store_key($key, $user);
$_SESSION['auth'] = $key; store_cookie($key);
} }

View file

@ -10,15 +10,6 @@ require($webroot . '/helpers/ldap.php');
require($webroot . '/helpers/auth.php'); require($webroot . '/helpers/auth.php');
// start session // start session
session_set_cookie_params(
60 * 60 * 24, // lifetime (seconds),
'/', // path
NULL, // domain,
TRUE, // secure,
TRUE // http only
);
session_start();
function page($file, $data = array()) { function page($file, $data = array()) {
extract($data); extract($data);
$webroot = $GLOBALS['webroot']; $webroot = $GLOBALS['webroot'];
@ -56,8 +47,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if ($_SERVER['REQUEST_URI'] !== '/login') { if ($_SERVER['REQUEST_URI'] !== '/login') {
// we are being forwarded authed // we are being forwarded authed
// redirect // redirect
http_response_code(301); http_response_code(303);
header("Location: https://$env/login"); header("Location: http://$env/login");
} else { } else {
page('login', array( page('login', array(
'title' => 'Login' 'title' => 'Login'