diff --git a/index.php b/index.php
index e4cafd8..1bdd70d 100644
--- a/index.php
+++ b/index.php
@@ -13,8 +13,19 @@ if (!empty($_SESSION['loggedin']) && $_SESSION['loggedin'] === true && !isset($_
die();
}
-if (!empty($_GET['logout'])) {
- // Show a logout message instead of immediately redirecting to login flow
+/**
+ * Show a simple HTML page with a line of text and a button. Matches the UI of
+ * the AccountHub login flow.
+ *
+ * @global type $SETTINGS
+ * @global type $SECURE_NONCE
+ * @global type $Strings
+ * @param string $title Text to show, passed through i18n
+ * @param string $button Button text, passed through i18n
+ * @param string $url URL for the button
+ */
+function showHTML(string $title, string $button, string $url) {
+ global $SETTINGS, $SECURE_NONCE, $Strings;
?>
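Review bot: showHTML() declares parameter types but no return type, and its docblock uses the placeholder `type` for all three globals; declare `function showHTML(string $title, string $button, string $url): void` and give the globals their real types where known (`@global array $SETTINGS` from settings.template.php, `@global string $SECURE_NONCE` from the CSP header in required.php). The function body is the HTML that continues past the hunk, so I cannot see how `$url` is written into the page; since a later caller passes a URL assembled from login-server data, the href should be emitted through `htmlspecialchars($url, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` rather than raw. If that page carries an inline `<script>` or `<style>`, it also needs `nonce="<?= $SECURE_NONCE ?>"` to satisfy the nonce-based CSP for non-mobile sessions.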
@@ -26,7 +37,6 @@ if (!empty($_GET['logout'])) {
-
@@ -54,24 +59,25 @@ if (!empty($_GET['logout'])) {
-
get("You have been logged out.") ?>
+ get($title); ?>
-
-
hasPermission($perm)) {
+ showHTML("no access permission", "sign out", "./action.php?action=signout");
+ die();
+ }
+ }
Session::start($user);
$_SESSION["login_code"] = null;
header('Location: app.php');
- die("Logged in, go to app.php");
+ showHTML("Logged in", "Continue", "./app.php");
+ die();
} else {
throw new Exception();
}
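Review bot: The permission gate placed before `Session::start($user)` denies access by rendering a page and calling `die()`, but nothing in the visible lines records the denial; a log line naming the account and the failing `$perm` would make repeated denials visible to operators. The loop that binds `$perm` and the list it iterates sit in the garbled first lines of the hunk, so the structure is inferred from the `hasPermission($perm)` call. Separately, unless `Session::start()` already does this, the success path should call `session_regenerate_id(true)` before `Session::start($user)` so the pre-login session id is not carried into the authenticated session. The enclosing if/else and its surrounding scope start outside the hunk.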
@@ -108,7 +121,10 @@ if ($redirecttologin) {
$_SESSION["login_code"] = $codedata["code"];
- header("Location: " . $codedata["loginurl"] . "?code=" . htmlentities($codedata["code"]) . "&redirect=" . htmlentities($redirecturl));
+ $locationurl = $codedata["loginurl"] . "?code=" . htmlentities($codedata["code"]) . "&redirect=" . htmlentities($redirecturl);
+ header("Location: $locationurl");
+ showHTML("Continue", "Continue", $locationurl);
+ die();
} catch (Exception $ex) {
sendError($ex->getMessage());
}
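Review bot: `$locationurl` is now used both as the HTTP `Location` header value and as the href handed to showHTML(), but its query values are encoded with `htmlentities()`, which is HTML escaping rather than URL encoding; a `redirect` value containing `&` is sent in the header as `&amp;` and breaks the redirect, while in the HTML context the assembled URL is never escaped as a whole. Build the URL with URL encoding and escape it for HTML only at output: `$locationurl = $codedata["loginurl"] . "?" . http_build_query(["code" => $codedata["code"], "redirect" => $redirecturl]);`, keep `header("Location: $locationurl");` as is, and have showHTML() apply `htmlspecialchars()` to its `$url` argument. The choice of `htmlentities()` for the query values is pre-existing, but reusing the string in two output contexts is new in this commit. The enclosing try block starts outside the hunk.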
diff --git a/langs/en/core.json b/langs/en/core.json
index 20eac0a..f2d85fb 100644
--- a/langs/en/core.json
+++ b/langs/en/core.json
@@ -1,16 +1,7 @@
{
- "You have been logged out.": "You have been logged out.",
- "Log in again": "Log in again",
- "login server unavailable": "Login server unavailable. Try again later or contact technical support.",
- "welcome user": "Welcome, {user}!",
"sign out": "Sign out",
- "settings": "Settings",
- "options": "Options",
"404 error": "404 Error",
"page not found": "Page not found.",
"invalid parameters": "Invalid request parameters.",
- "login server error": "The login server returned an error: {arg}",
- "login server user data error": "The login server refused to provide account information. Try again or contact technical support.",
- "captcha error": "There was a problem with the CAPTCHA (robot test). Try again.",
- "no access permission": "You do not have permission to access this system."
+ "login server error": "The login server returned an error: {arg}"
}
diff --git a/langs/en/index.json b/langs/en/index.json
new file mode 100644
index 0000000..c516bbb
--- /dev/null
+++ b/langs/en/index.json
@@ -0,0 +1,8 @@
+{
+ "You have been logged out.": "You have been logged out.",
+ "Log in again": "Log in again",
+ "login server unavailable": "Login server unavailable. Try again later or contact technical support.",
+ "no access permission": "You do not have permission to access this system.",
+ "Logged in": "Logged in",
+ "Continue": "Continue"
+}
diff --git a/lib/Login.lib.php b/lib/Login.lib.php
index b136c6c..219cfea 100644
--- a/lib/Login.lib.php
+++ b/lib/Login.lib.php
@@ -45,29 +45,6 @@ class Login {
return Login::LOGIN_OK;
}
- public static function verifyCaptcha(string $session, string $answer, string $url): bool {
- $data = [
- 'session_id' => $session,
- 'answer_id' => $answer,
- 'action' => "verify"
- ];
- $options = [
- 'http' => [
- 'header' => "Content-type: application/x-www-form-urlencoded\r\n",
- 'method' => 'POST',
- 'content' => http_build_query($data)
- ]
- ];
- $context = stream_context_create($options);
- $result = file_get_contents($url, false, $context);
- $resp = json_decode($result, TRUE);
- if (!$resp['result']) {
- return false;
- } else {
- return true;
- }
- }
-
/**
* Check the login server API for sanity
* @return boolean true if OK, else false
diff --git a/required.php b/required.php
index 3fe1060..3cfa346 100644
--- a/required.php
+++ b/required.php
@@ -32,7 +32,6 @@ session_start(); // stick some cookies in it
// renew session cookie
setcookie(session_name(), session_id(), time() + $session_length, "/", false, false);
-$captcha_server = ($SETTINGS['captcha']['enabled'] === true ? preg_replace("/http(s)?:\/\//", "", $SETTINGS['captcha']['server']) : "");
if ($_SESSION['mobile'] === TRUE) {
header("Content-Security-Policy: "
. "default-src 'self';"
@@ -42,8 +41,8 @@ if ($_SESSION['mobile'] === TRUE) {
. "frame-src 'none'; "
. "font-src 'self'; "
. "connect-src *; "
- . "style-src 'self' 'unsafe-inline' $captcha_server; "
- . "script-src 'self' 'unsafe-inline' $captcha_server");
+ . "style-src 'self' 'unsafe-inline'; "
+ . "script-src 'self' 'unsafe-inline'");
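Review bot: With the captcha host removed, `script-src 'self' 'unsafe-inline'` in this mobile branch is the only remaining difference from the nonce-based policy in the next hunk (`'nonce-$SECURE_NONCE'`), and `'unsafe-inline'` in script-src lets any injected inline script run, which removes most of the CSP's protection against XSS. Since `$SECURE_NONCE` is already in scope here and the new showHTML() page in index.php receives it as a global, consider `. "script-src 'self' 'nonce-$SECURE_NONCE'"` in this branch too, keeping `'unsafe-inline'` only for style-src if mobile styling genuinely needs it. The pre-existing `connect-src *` is not changed by this commit. The header() argument list starts above the hunk.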
} else {
header("Content-Security-Policy: "
. "default-src 'self';"
@@ -53,8 +52,8 @@ if ($_SESSION['mobile'] === TRUE) {
. "frame-src 'none'; "
. "font-src 'self'; "
. "connect-src *; "
- . "style-src 'self' 'nonce-$SECURE_NONCE' $captcha_server; "
- . "script-src 'self' 'nonce-$SECURE_NONCE' $captcha_server");
+ . "style-src 'self' 'nonce-$SECURE_NONCE'; "
+ . "script-src 'self' 'nonce-$SECURE_NONCE'");
}
//
diff --git a/settings.template.php b/settings.template.php
index b1a61fa..9f3a3c5 100644
--- a/settings.template.php
+++ b/settings.template.php
@@ -39,14 +39,11 @@ $SETTINGS = [
// API key
"key" => "123"
],
+ // List of required user permissions to access this app.
+ "permissions" => [
+ ],
// For supported values, see http://php.net/manual/en/timezones.php
"timezone" => "America/Denver",
- // Use Captcheck on login screen to slow down bots
- // https://captcheck.netsyms.com
- "captcha" => [
- "enabled" => false,
- "server" => "https://captcheck.netsyms.com"
- ],
// Language to use for localization. See langs folder to add a language.
"language" => "en",
// Shown in the footer of all the pages.
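Review bot: The comment on the new `permissions` entry says the permissions are required but not how the list is evaluated or what an empty list means; from the check added in index.php, which denies on the first failing `hasPermission($perm)`, it appears every listed permission must be held and an empty list admits any account that can log in, and that is worth stating where admins edit the setting. Suggested comment: `// Permissions an account must hold to use this app. Every entry is checked; an empty list lets any account that can log in through AccountHub use the app.` A commented example entry would also show admins the expected string format, if the login server defines one.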
diff --git a/static/css/index.css b/static/css/index.css
deleted file mode 100644
index 81e0ba0..0000000
--- a/static/css/index.css
+++ /dev/null
@@ -1,15 +0,0 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-.banner-image {
- max-height: 100px;
- margin: 2em auto;
- border: 1px solid grey;
- border-radius: 15%;
-}
-
-.footer {
- margin-top: 10em;
- text-align: center;
-}
\ No newline at end of file