<?php /* Copyright (c) 2024 Freya Murphy */
// Format PHP error messages as HTML.
// NOTE(review): this only changes formatting; confirm display_errors is off in
// production so error details (paths, arguments) are not sent to clients.
ini_set('html_errors', '1');

// Directory containing this script; helpers and views are loaded relative to it.
$webroot = __DIR__;

// Canonical path of the sibling public/ directory; realpath() yields false when
// that directory does not exist.
$publicroot = realpath(__DIR__ . '/../public');
// load stuff
require($webroot . '/helpers/ldap.php');
require($webroot . '/helpers/auth.php');
// start session
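/**
 * Render a view wrapped in the shared header and footer.
 *
 * @param string $file View name, resolved to views/$file.php under the web root.
 *                     It is interpolated into a require path, so it must be a
 *                     constant chosen by the caller and never request data.
 * @param array  $data Values exposed to the views as local variables (key => value).
 */
function page($file, $data = array()) {
    // EXTR_SKIP keeps a key such as 'file' or 'data' from replacing this
    // function's own variables and thereby changing which view gets required.
    extract($data, EXTR_SKIP);
    // Assigned after extract() so a 'webroot' key in $data cannot redirect the includes.
    $webroot = $GLOBALS['webroot'];
    require($webroot . '/views/header.php');
    require($webroot . "/views/$file.php");
    require($webroot . '/views/footer.php');
}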
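// Request dispatch: POST is a login form submission; any other method is either
// an authentication check for an existing key or a request for the login page.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // The body is parsed as application/x-www-form-urlencoded into $post.
    parse_str(file_get_contents('php://input'), $post);
    $username = isset($post['username']) ? $post['username'] : null;
    $password = isset($post['password']) ? $post['password'] : null;

    // Only non-empty strings reach the directory check. parse_str() can yield
    // arrays (e.g. "username[]=x") or leave a field missing, and many LDAP
    // servers treat a simple bind with an empty password as an anonymous bind
    // that succeeds. ldap_auth() lives in a required helper that is not visible
    // here, so whether it rejects those cases itself is unknown; reject them
    // here regardless.
    $res = is_string($username) && $username !== ''
        && is_string($password) && $password !== ''
        && ldap_auth($username, $password);

    if ($res) {
        $title = 'Success';
        $msg = 'Authenticated. You can now go back to your content';
        // key_new() is defined in a required helper; presumably it issues the
        // key that key_auth() later checks -- confirm against the helper.
        key_new($username);
    } else {
        // Same message for every failure, so the response does not reveal
        // whether the user name exists.
        $title = 'Error';
        $msg = 'Invalid Credentials';
    }

    page('message', array(
        'title' => $title,
        'msg' => $msg
    ));
} else {
    // A truthy key_auth() result is treated as the authenticated user name and
    // returned in a response header with status 200.
    // NOTE(review): presumably consumed by a reverse proxy doing forward auth;
    // confirm that proxy discards any client-sent X-Webauth-User header.
    if (($user = key_auth())) {
        http_response_code(200);
        header("X-Webauth-User: $user");
        die();
    }

    // Host used to build the login redirect.
    // NOTE(review): under CGI/FastCGI SAPIs getenv() can also return
    // request-derived variables such as HTTP_HOST. Confirm this value comes from
    // deployment configuration and not from the client's Host header, otherwise
    // the redirect target is client-controlled.
    $env = getenv("HTTP_HOST");

    if ($_SERVER['REQUEST_URI'] !== '/login') {
        // Unauthenticated request for any other path: send the browser to the
        // login page.
        // NOTE(review): the redirect is plain http://; confirm TLS is enforced
        // upstream so credentials are not posted in clear text.
        http_response_code(303);
        header("Location: http://$env/login");
    } else {
        page('login', array(
            'title' => 'Login'
        ));
    }
}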