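ldap = new LDAPHelper();
        $this->auth = new AuthHelper();
        $this->domain = CONFIG["HTTP_HOST"];
    }

    /**
     * Renders a view between the shared header and footer templates.
     *
     * Every key of $data becomes a local variable visible to the templates;
     * a random background index is added under 'bg'.
     *
     * @param string               $file view name, resolved to views/<file>.php
     * @param array<string, mixed> $data variables exposed to the templates
     */
    private function send_page(string $file, array $data = []): void
    {
        $data['bg'] = random_int(1, 70);
        // EXTR_SKIP stops a same-named key from clobbering $file or $data.
        // Current callers only pass fixed keys, so behaviour is unchanged.
        extract($data, EXTR_SKIP);
        $webroot = $GLOBALS['webroot'];
        require $webroot . '/views/header.php';
        require $webroot . "/views/$file.php";
        require $webroot . '/views/footer.php';
    }

    /**
     * Renders the generic message page.
     *
     * @param string $title page heading
     * @param string $msg   body text
     */
    private function send_message(string $title, string $msg): void
    {
        $this->send_page('message', ['title' => $title, 'msg' => $msg]);
    }

    /**
     * Reads the HTTP method and request path from the server globals.
     *
     * @return array{0: string, 1: string} [method, path]; the path is ''
     *         when REQUEST_URI is missing or cannot be parsed
     */
    private function get_req(): array
    {
        $uri = $_SERVER['REQUEST_URI'] ?? '';
        // PHP_URL_PATH yields null (no path) or false (malformed URI); both
        // collapse to '' so handle() falls through to the 404 branch instead
        // of tripping over a non-array result.
        $path = parse_url($uri, PHP_URL_PATH);
        $method = $_SERVER['REQUEST_METHOD'] ?? '';
        return [$method, is_string($path) ? $path : ''];
    }

    /**
     * Returns the named fields from the request body, or null if any is absent.
     *
     * The raw body is parsed as a query string and merged into $_POST first,
     * so fields are found even when PHP did not populate $_POST itself
     * (presumably for non-form content types — confirm against the callers).
     * Values are returned as-is and may be arrays when the client sends
     * `field[]=...`, so callers must type-check them before use.
     *
     * @param string ...$fields keys that must all be present
     * @return array<string, mixed>|null
     */
    private function get_post_info(string ...$fields): ?array
    {
        // parse_str() does not throw, so no try/catch is needed; a false
        // (unreadable) or empty body is simply skipped.
        $raw = file_get_contents('php://input');
        if (is_string($raw) && $raw !== '') {
            parse_str($raw, $parsed);
            foreach ($parsed as $key => $value) {
                $_POST[$key] = $value;
            }
        }

        $values = [];
        foreach ($fields as $key) {
            if (!isset($_POST[$key])) {
                return null;
            }
            $values[$key] = $_POST[$key];
        }
        return $values;
    }

    /**
     * POST /login: validates credentials against LDAP and opens a session.
     *
     * On success the session headers are written and the user is either shown
     * a confirmation page or redirected to the base64-encoded 'redirect' URL
     * carried in the form.
     */
    private function handle_login(): void
    {
        $info = $this->get_post_info('username', 'password');
        if ($info === null) {
            http_response_code(400);
            $this->send_message('400', 'Credentials were not supplied');
            return;
        }

        // 'redirect' is optional and base64-encoded by the form; a non-string
        // value (e.g. redirect[]=...) is treated as absent rather than passed
        // to base64_decode().
        $posted = $this->get_post_info('redirect');
        $redirect = '';
        if ($posted !== null && is_string($posted['redirect'])) {
            $redirect = (string) base64_decode($posted['redirect']);
        }

        $user = $this->ldap->search($info['username']);
        if (!is_array($user) || $user === []) {
            http_response_code(400);
            // NOTE(review): $redirect is user-controlled and passed through raw;
            // the error view must escape it on output.
            $this->send_page('error', ['title' => 'Error', 'redirect' => $redirect]);
            return;
        }
        $user = $user[0];

        // NOTE(review): a truthy return from bind() is treated as failure here,
        // the same convention handle_logout() applies to delete_session() —
        // confirm against LDAPHelper.
        if ($this->ldap->bind($user->dn, $info['password'])) {
            http_response_code(400);
            $this->send_message('Error', 'Invalid Credentials');
            return;
        }
        // NOTE(review): unknown users receive the 'error' page and wrong
        // passwords the 'message' page, so a client can tell the two cases
        // apart; consider returning the same response for both.

        $session = $this->auth->create_session($user);
        if ($redirect === '') {
            http_response_code(200);
            $session->write_headers();
            $this->send_message('Success', 'Authenticated. You can now go back to your content');
            return;
        }

        // Only absolute http(s) URLs are forwarded as-is; anything else is
        // assumed to be a bare host and gets an http:// scheme prepended
        // (original behaviour, but the old prefix test accepted any
        // scheme beginning with "http").
        if (!preg_match('#^https?://#i', $redirect)) {
            $redirect = 'http://' . $redirect;
        }
        // NOTE(review): the target host is not restricted, so this endpoint
        // will redirect to any origin supplied in the form (open redirect).
        // If cross-host targets are intended, check the host against an
        // allow-list of trusted domains here.
        http_response_code(303);
        $session->write_headers();
        header("Location: $redirect");
    }

    /**
     * GET /logout: deletes the current session and confirms, or sends the
     * visitor to the login page when there is no session.
     */
    private function handle_logout(): void
    {
        $session = $this->auth->get_session();
        if ($session === null) {
            http_response_code(303);
            header("Location: http://{$this->domain}/login");
            return;
        }
        // A truthy return from delete_session() is treated as failure
        // (presumably an error code) — confirm against AuthHelper.
        if ($this->auth->delete_session($session)) {
            http_response_code(500);
            $this->send_message('Error', 'Could not log out.');
            return;
        }
        http_response_code(200);
        $this->send_message('Logged Out', 'You have been logged out successfully.');
    }

    /**
     * GET /: the auth check. Without a session the visitor is sent to the
     * login page; with one, the expiry is extended, the session headers are
     * re-sent and a short "Authenticated" page is shown.
     */
    private function handle_auth(): void
    {
        $session = $this->auth->get_session();
        if ($session === null) {
            http_response_code(303);
            // NOTE(review): the scheme is hard-coded to http; if the service is
            // served over TLS this redirect downgrades the connection — confirm.
            header("Location: http://{$this->domain}/login");
            return;
        }
        // Sliding expiry: every authenticated hit extends the session.
        $session->reset_expiry();
        $this->auth->save_session($session);

        http_response_code(200);
        $session->write_headers();
        $this->send_message('Authenticated', 'Log Out');
    }

    /**
     * GET /login: renders the login form, carrying an optional ?redirect
     * query value through to the template.
     */
    private function page_login(): void
    {
        $redirect = $_GET['redirect'] ?? '';
        // A non-string (redirect[]=...) would otherwise reach the template.
        if (!is_string($redirect)) {
            $redirect = '';
        }
        http_response_code(200);
        $this->send_page('login', ['title' => 'Login', 'redirect' => $redirect]);
    }

    /** Sends the 404 message page. */
    private function page_not_found(): void
    {
        http_response_code(404);
        $this->send_message('Not Found', '404');
    }

    /**
     * Dispatches the current request on [method, path]; unknown routes 404.
     */
    public function handle(): void
    {
        match ($this->get_req()) {
            ['GET', '/']       => $this->handle_auth(),
            ['GET', '/login']  => $this->page_login(),
            ['POST', '/login'] => $this->handle_login(),
            ['GET', '/logout'] => $this->handle_logout(),
            default            => $this->page_not_found(),
        };
    }
}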