authorFreya Murphy <freya@freyacat.org>2024-05-31 19:10:47 -0400
committerFreya Murphy <freya@freyacat.org>2024-05-31 19:10:47 -0400
commit2e726ac42343e58707baeb915dec153ef2839658 (patch)
tree8362e82dc66515a9c7745a4979cc7fff7ca49a71
parentmany changes (diff)
add logout, better router
-rw-r--r--src/web/helpers/auth.php5
-rw-r--r--src/web/router.php82
2 files changed, 56 insertions, 31 deletions
diff --git a/src/web/helpers/auth.php b/src/web/helpers/auth.php
index 187f556..4d7f184 100644
--- a/src/web/helpers/auth.php
+++ b/src/web/helpers/auth.php
@@ -34,6 +34,11 @@ class AuthHelper {
file_put_contents($path, $data, LOCK_EX);
}
+ public function delete_session(Session $session): int {
+ $path = "/tmp/{$session->token}";
+ return unlink($path) ? 0 : 1;
+ }
+
/**
* Loads the auth session associated with a specific key
* @param string $token - the session $key
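Review bot: `delete_session` reports failure (and PHP emits an E_WARNING) when the session file is already gone, because `unlink` on a missing path returns false; a repeated logout is then turned into a 500 by the caller in router.php. Treating a missing file as already deleted avoids that: `return (!is_file($path) || unlink($path)) ? 0 : 1;`. The method is also the only one in this hunk without a docblock while its neighbours document their parameter; something like `/** Deletes the on-disk session for $session; returns 0 on success, 1 on failure */` would match the file's style. `$path` is built from `$session->token` without any check on its characters; if the token can originate from the client rather than being generated server-side, it should be validated against the expected token alphabet before being used as a filename — where `get_session` obtains it is outside this hunk, so I cannot tell here.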
diff --git a/src/web/router.php b/src/web/router.php
index 91deaa2..ce30f8b 100644
--- a/src/web/router.php
+++ b/src/web/router.php
@@ -50,10 +50,9 @@ class Router {
* Gets the HTTP request information
*/
private function get_req(): array {
- return array(
- 'path' => $_SERVER['REQUEST_URI'],
- 'method' => $_SERVER['REQUEST_METHOD'],
- );
+ $path = $_SERVER['REQUEST_URI'];
+ $method = $_SERVER['REQUEST_METHOD'];
+ return [$method, $path];
}
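Review bot: `$_SERVER['REQUEST_URI']` includes the query string, so with the exact-match routing this commit introduces a request for `/login?next=...` no longer matches `'/login'`; returning only the path component fixes that: `$path = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH) ?? '/';`. The return shape also changed from a keyed array to a positional pair while the docblock above still only says "Gets the HTTP request information"; adding `@return array{0: string, 1: string} [method, path]` tells callers the order, which the `match` in `handle` depends on.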
/**
@@ -85,14 +84,14 @@ class Router {
$info = $this->get_post_info('username', 'password');
if ($info == NULL) {
http_response_code(400);
- $this->send_message('Bad Requet', 'Credentials were not supplied');
+ $this->send_message('400', 'Credentials were not supplied');
return;
}
$user = $this->ldap->search($info['username']);
if ($user == NULL || !count($user)) {
http_response_code(400);
- $this->send_message('Bad Requst', 'User does not exist');
+ $this->send_message('Error', 'User does not exist');
return;
}
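Review bot: The three 400 responses now carry inconsistent titles — `'400'` on the first `send_message` call in this hunk, `'Error'` on the second and on the one in the next hunk — which reads as a half-finished rename; pick one, e.g. `$this->send_message('Error', 'Credentials were not supplied');`, so the title is the same for every credential failure. The enclosing `handle_login` starts and ends outside this hunk.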
@@ -103,7 +102,7 @@ class Router {
$info['password']
)) {
http_response_code(400);
- $this->send_message('Bad Requst', 'Invalid Credentials');
+ $this->send_message('Error', 'Invalid Credentials');
return;
}
@@ -114,41 +113,62 @@ class Router {
$this->send_message('Success', 'Authenticated. You can now go back to your content');
}
- /**
- * Handles the HTTP request
- * @param array<string,string> $req
- */
- private function handle_req(array $req): void {
- if ($req['method'] == 'POST') {
- $this->handle_login();
+ private function handle_logout(): void {
+ $session = $this->auth->get_session();
+ if ($session == NULL) {
+ http_response_code(303);
+ header("Location: http://{$this->domain}/login");
return;
}
+ if ($this->auth->delete_session($session)) {
+ http_response_code(500);
+ $this->send_message('Error',
+ 'Could not log out.');
+ return;
+ }
+ http_response_code(200);
+ $this->send_message('Logged Out',
+ 'You have been logged out successfully.');
+ }
+
+ private function handle_auth(): void {
$session = $this->auth->get_session();
if ($session == NULL) {
- // user is NOT authenticated
- if ($req['path'] == '/login') {
- // user is requesting login page
- http_response_code(200);
- $this->send_page('login', array(
- 'title' => 'Login'
- ));
- } else {
- // user is trying to forward auth
- // redirect them to login
- http_response_code(303);
- header("Location: http://{$this->domain}/login");
- }
+ // redirect them to login
+ http_response_code(303);
+ header("Location: http://{$this->domain}/login");
} else {
- // user is authenticated
+ // update session expiry
$session->reset_expiry();
- $session->write_headers();
$this->auth->save_session($session);
+ // send auth info
+ http_response_code(200);
+ $session->write_headers();
+ $this->send_message('Authenticated',
+ 'You are already logged in.<br><br><a href="logout">Log Out</a>');
}
}
+ private function page_login(): void {
+ http_response_code(200);
+ $this->send_page('login', array(
+ 'title' => 'Login'
+ ));
+ }
+
+ private function page_not_found(): void {
+ http_response_code(404);
+ $this->send_message('404', 'Not Found');
+ }
+
public function handle(): void {
- $req = $this->get_req();
- $this->handle_req($req);
+ match ($this->get_req()) {
+ ['GET', '/'] => $this->handle_auth(),
+ ['GET', '/login'] => $this->page_login(),
+ ['POST', '/login'] => $this->handle_login(),
+ ['GET', '/logout'] => $this->handle_logout(),
+ _ => $this->page_not_found()
+ };
}
}
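Review bot: `_ => $this->page_not_found()` at the end of the new `match` in `handle` is not a wildcard in PHP — `_` is parsed as a constant, and an undefined constant throws `Error` on PHP 8, so every unrouted request (including `/login?x=1`, since the path is compared verbatim) ends in a fatal error instead of the intended 404; the default arm is spelled `default => $this->page_not_found(),`. Logout is wired to `GET /logout` and `handle_logout` deletes the session unconditionally, so any third-party page that embeds that URL can end a user's session; the usual mitigation is to route only `['POST', '/logout']` and have the "Log Out" link in `handle_auth` submit a form. `handle_logout` also removes only the server-side file — whether the client cookie carrying the token is cleared depends on `Session`, which is outside this hunk. None of the four new private methods has a docblock while the removed `handle_req` had one; a one-line purpose comment on each, e.g. `/** Forward-auth endpoint: 303 to /login without a session, else refresh it and emit the auth headers */` on `handle_auth`, would keep the file's convention.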