initial

1 files changed, 66 insertions, 0 deletions

diff --git a/src/web/index.php b/src/web/index.php
new file mode 100644
index 0000000..ffd6b06
--- /dev/null
+++ b/src/web/index.php
@@ -0,0 +1,66 @@
+<?php /* Copyright (c) 2024 Freya Murphy */
+
+ini_set('html_errors', '1');
+
+$webroot = dirname(__FILE__);
+$publicroot = realpath(dirname(__FILE__) . '/../public');
+
+// load stuff
+require($webroot . '/helpers/ldap.php');
+require($webroot . '/helpers/auth.php');
+
+// start session
+session_set_cookie_params(
+	60 * 60 * 24, // lifetime (seconds),
+	'/', // path
+	NULL, // domain,
+	TRUE, // secure,
+	TRUE // http only
+);
+session_start();
+
+function page($file,  $data = array()) {
+	extract($data);
+	$webroot = $GLOBALS['webroot'];
+	require($webroot . '/views/header.php');
+	require($webroot . "/views/$file.php");
+	require($webroot . '/views/footer.php');
+}
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+	parse_str(file_get_contents('php://input'), $post);
+	$res = ldap_auth($post['username'], $post['password']);
+	$msg = '';
+	$title = '';
+	if ($res) {
+		$msg = 'Authenticated. You can now go back to your content';
+		$title = 'Success';
+		key_new($post['username']);
+	} else {
+		$msg = 'Invalid Credentials';
+		$title = 'Error';
+	}
+	page('message', array(
+		'title' => $title,
+		'msg' => $msg
+	));
+} else {
+	if (($user = key_auth())) {
+		http_response_code(200);
+		header("X-Webauth-User: $user");
+		die();
+	}
+
+	$host = $_SERVER['HTTP_HOST'];
+	$env = getenv("HTTP_HOST");
+	if ($host != $env) {
+		// we are being forwarded authed
+		// redirect
+		http_response_code(301);
+		header("Location: https://$env");
+	} else {
+		page('login', array(
+			'title' => 'Login'
+		));
+	}
+}