Business
/
BusinessAppTemplate
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 3 Wiki Activity
Browse Source

Redirect to AccountHub for user login

Skylar Ittner 1 month ago
parent
3f32258ba0
commit
a559901ac0
3 changed files with 75 additions and 164 deletions
Split View Show Diff Stats
  1. 1
    1
      action.php
  2. 72
    151
      index.php
  3. 2
    12
      langs/en/core.json

+ 1
- 1
action.php View File 

@@ -33,6 +33,6 @@ function returnToSender($msg, $arg = "") {
33 33 
 switch ($VARS['action']) {
34 34 
     case "signout":
35 35 
         session_destroy();
36 
-        header('Location: index.php');
36 
+        header('Location: index.php?logout=1');
37 37 
         die("Logged out.");
38 38 
 }

+ 72
- 151
index.php View File 

@@ -1,7 +1,9 @@
1 1 
 <?php
2 
-/* This Source Code Form is subject to the terms of the Mozilla Public
2 
+/*
3 
+ * This Source Code Form is subject to the terms of the Mozilla Public
3 4 
  * License, v. 2.0. If a copy of the MPL was not distributed with this
4 
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
5 
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
6 
+ */
5 7
6 8 
 require_once __DIR__ . "/required.php";
7 9 
 
@@ -10,166 +12,85 @@ if (!empty($_SESSION['loggedin']) && $_SESSION['loggedin'] === true && !isset($_
10 12 
     header('Location: app.php');
11 13 
 }
12 14
13 
-if (isset($_GET['permissionerror'])) {
14 
-    $alert = $Strings->get("no access permission", false);
15 
-}
15 
+if (!empty($_GET['logout'])) {
16 
+    // Show a logout message instead of immediately redirecting to login flow
17 
+    ?>
18 
+    <!DOCTYPE html>
19 
+    <meta charset="UTF-8">
20 
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
21 
+    <meta name="viewport" content="width=device-width, initial-scale=1">
16 22
17 
-/* Authenticate user */
18 
-$userpass_ok = false;
19 
-$multiauth = false;
20 
-if (Login::checkLoginServer()) {
21 
-    if (empty($VARS['progress'])) {
22 
-        // Easy way to remove "undefined" warnings.
23 
-    } else if ($VARS['progress'] == "1") {
24 
-        if (!$SETTINGS['captcha']['enabled'] || ($SETTINGS['captcha']['enabled'] && Login::verifyCaptcha($VARS['captcheck_session_code'], $VARS['captcheck_selected_answer'], $SETTINGS['captcha']['server'] . "/api.php"))) {
25 
-            $autherror = "";
26 
-            $user = User::byUsername($VARS['username']);
27 
-            if ($user->exists()) {
28 
-                $status = $user->getStatus()->getString();
29 
-                switch ($status) {
30 
-                    case "LOCKED_OR_DISABLED":
31 
-                        $alert = $Strings->get("account locked", false);
32 
-                        break;
33 
-                    case "TERMINATED":
34 
-                        $alert = $Strings->get("account terminated", false);
35 
-                        break;
36 
-                    case "CHANGE_PASSWORD":
37 
-                        $alert = $Strings->get("password expired", false);
38 
-                        break;
39 
-                    case "NORMAL":
40 
-                        $username_ok = true;
41 
-                        break;
42 
-                    case "ALERT_ON_ACCESS":
43 
-                        $mail_resp = $user->sendAlertEmail();
44 
-                        if ($SETTINGS['debug']) {
45 
-                            var_dump($mail_resp);
46 
-                        }
47 
-                        $username_ok = true;
48 
-                        break;
49 
-                    default:
50 
-                        if (!empty($error)) {
51 
-                            $alert = $error;
52 
-                        } else {
53 
-                            $alert = $Strings->get("login error", false);
54 
-                        }
55 
-                        break;
56 
-                }
57 
-                if ($username_ok) {
58 
-                    if ($user->checkPassword($VARS['password'])) {
59 
-                        $_SESSION['passok'] = true; // stop logins using only username and authcode
60 
-                        if ($user->has2fa()) {
61 
-                            $multiauth = true;
62 
-                        } else {
63 
-                            Session::start($user);
64 
-                            header('Location: app.php');
65 
-                            die("Logged in, go to app.php");
66 
-                        }
67 
-                    } else {
68 
-                        $alert = $Strings->get("login incorrect", false);
69 
-                    }
70 
-                }
71 
-            } else { // User does not exist anywhere
72 
-                $alert = $Strings->get("login incorrect", false);
73 
-            }
74 
-        } else {
75 
-            $alert = $Strings->get("captcha error", false);
23 
+    <title><?php echo $SETTINGS['site_title']; ?></title>
24 
+
25 
+    <link rel="icon" href="static/img/logo.svg">
26 
+
27 
+    <link href="static/css/bootstrap.min.css" rel="stylesheet">
28 
+    <link href="static/css/svg-with-js.min.css" rel="stylesheet">
29 
+    <style nonce="<?php echo $SECURE_NONCE; ?>">
30 
+        .display-5 {
31 
+            font-size: 3rem;
32 
+            font-weight: 300;
33 
+            line-height: 1.2;
76 34 
         }
77 
-    } else if ($VARS['progress'] == "2") {
78 
-        $user = User::byUsername($VARS['username']);
79 
-        if ($_SESSION['passok'] !== true) {
80 
-            // stop logins using only username and authcode
81 
-            sendError("Password integrity check failed!");
35 
+    </style>
36 
+
37 
+    <div class="container mt-4">
38 
+        <div class="row justify-content-center">
39 
+            <div class="col-12 text-center">
40 
+                <h1 class="display-5 mb-4"><?php $Strings->get("You have been logged out.") ?></h1>
41 
+            </div>
42 
+
43 
+            <div class="col-12 col-sm-8 col-lg-6">
44 
+                <div class="card mt-4">
45 
+                    <div class="card-body">
46 
+                        <a href="./index.php" class="btn btn-primary btn-block"><?php $Strings->get("Log in again"); ?></a>
47 
+                    </div>
48 
+                </div>
49 
+            </div>
50 
+        </div>
51 
+    </div>
52 
+
53 
+    <script src="static/js/fontawesome-all.min.js"></script>
54 
+    <?php
55 
+    die();
56 
+}
57 
+
58 
+if (empty($_SESSION["login_code"])) {
59 
+    $redirecttologin = true;
60 
+} else {
61 
+    try {
62 
+        $uidinfo = AccountHubApi::get("checkloginkey", ["code" => $_SESSION["login_code"]]);
63 
+        if ($uidinfo["status"] == "ERROR") {
64 
+            throw new Exception();
82 65 
         }
83 
-        if ($user->check2fa($VARS['authcode'])) {
66 
+        if (is_numeric($uidinfo['uid'])) {
67 
+            $user = new User($uidinfo['uid'] * 1);
84 68 
             Session::start($user);
69 
+            $_SESSION["login_code"] = null;
85 70 
             header('Location: app.php');
86 71 
             die("Logged in, go to app.php");
87 72 
         } else {
88 
-            $alert = $Strings->get("2fa incorrect", false);
73 
+            throw new Exception();
89 74 
         }
75 
+    } catch (Exception $ex) {
76 
+        $redirecttologin = true;
90 77 
     }
91 
-} else {
92 
-    $alert = $Strings->get("login server unavailable", false);
93 78 
 }
94 
-header("Link: <static/fonts/Roboto.css>; rel=preload; as=style", false);
95 
-header("Link: <static/css/bootstrap.min.css>; rel=preload; as=style", false);
96 
-header("Link: <static/css/material-color/material-color.min.css>; rel=preload; as=style", false);
97 
-header("Link: <static/css/index.css>; rel=preload; as=style", false);
98 
-header("Link: <static/js/jquery-3.3.1.min.js>; rel=preload; as=script", false);
99 
-header("Link: <static/js/bootstrap.bundle.min.js>; rel=preload; as=script", false);
100 
-?>
101 
-<!DOCTYPE html>
102 
-<html>
103 
-    <head>
104 
-        <meta charset="UTF-8">
105 
-        <meta http-equiv="X-UA-Compatible" content="IE=edge">
106 
-        <meta name="viewport" content="width=device-width, initial-scale=1">
107 79
108 
-        <title><?php echo $SETTINGS['site_title']; ?></title>
80 
+if ($redirecttologin) {
81 
+    try {
82 
+        $codedata = AccountHubApi::get("getloginkey", ["appname" => $SETTINGS["site_title"]]);
109 83
110 
-        <link rel="icon" href="static/img/logo.svg">
84 
+        if ($codedata['status'] != "OK") {
85 
+            throw new Exception($Strings->get("login server unavailable", false));
86 
+        }
111 87
112 
-        <link href="static/css/bootstrap.min.css" rel="stylesheet">
113 
-        <link href="static/css/material-color/material-color.min.css" rel="stylesheet">
114 
-        <link href="static/css/index.css" rel="stylesheet">
115 
-        <?php if ($SETTINGS['captcha']['enabled']) { ?>
116 
-            <script src="<?php echo $SETTINGS['captcha']['server'] ?>/captcheck.dist.js"></script>
117 
-        <?php } ?>
118 
-    </head>
119 
-    <body>
120 
-        <div class="row justify-content-center">
121 
-            <div class="col-auto">
122 
-                <img class="banner-image" src="static/img/logo.svg" />
123 
-            </div>
124 
-        </div>
125 
-        <div class="row justify-content-center">
126 
-            <div class="card col-11 col-xs-11 col-sm-8 col-md-6 col-lg-4">
127 
-                <div class="card-body">
128 
-                    <h5 class="card-title"><?php $Strings->get("sign in"); ?></h5>
129 
-                    <form action="" method="POST">
130 
-                        <?php
131 
-                        if (!empty($alert)) {
132 
-                            ?>
133 
-                            <div class="alert alert-danger">
134 
-                                <i class="fa fa-fw fa-exclamation-triangle"></i> <?php echo $alert; ?>
135 
-                            </div>
136 
-                            <?php
137 
-                        }
88 
+        $redirecturl = $url = (isset($_SERVER['HTTPS']) ? "https" : "http") . "://" . $_SERVER['HTTP_HOST'] . (($_SERVER['SERVER_PORT'] != 80 && $_SERVER['SERVER_PORT'] != 443) ? ":" . $_SERVER['SERVER_PORT'] : "") . $_SERVER['REQUEST_URI'];
138 89
139 
-                        if ($multiauth != true) {
140 
-                            ?>
141 
-                            <input type="text" class="form-control" name="username" placeholder="<?php $Strings->get("username"); ?>" required="required" autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false" autofocus /><br />
142 
-                            <input type="password" class="form-control" name="password" placeholder="<?php $Strings->get("password"); ?>" required="required" autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false" /><br />
143 
-                            <?php if ($SETTINGS['captcha']['enabled']) { ?>
144 
-                                <div class="captcheck_container" data-stylenonce="<?php echo $SECURE_NONCE; ?>"></div>
145 
-                                <br />
146 
-                            <?php } ?>
147 
-                            <input type="hidden" name="progress" value="1" />
148 
-                            <?php
149 
-                        } else if ($multiauth) {
150 
-                            ?>
151 
-                            <div class="alert alert-info">
152 
-                                <?php $Strings->get("2fa prompt"); ?>
153 
-                            </div>
154 
-                            <input type="text" class="form-control" name="authcode" placeholder="<?php $Strings->get("authcode"); ?>" required="required" autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false" autofocus /><br />
155 
-                            <input type="hidden" name="progress" value="2" />
156 
-                            <input type="hidden" name="username" value="<?php echo $VARS['username']; ?>" />
157 
-                            <?php
158 
-                        }
159 
-                        ?>
160 
-                        <button type="submit" class="btn btn-primary">
161 
-                            <?php $Strings->get("continue"); ?>
162 
-                        </button>
163 
-                    </form>
164 
-                </div>
165 
-            </div>
166 
-        </div>
167 
-        <div class="footer">
168 
-            <?php echo $SETTINGS['footer_text']; ?><br />
169 
-            Copyright &copy; <?php echo date('Y'); ?> <?php echo $SETTINGS['copyright']; ?>
170 
-        </div>
171 
-    </div>
172 
-    <script src="static/js/jquery-3.3.1.min.js"></script>
173 
-    <script src="static/js/bootstrap.bundle.min.js"></script>
174 
-</body>
175 
-</html>
90 
+        $_SESSION["login_code"] = $codedata["code"];
91 
+
92 
+        header("Location: " . $codedata["loginurl"] . "?code=" . htmlentities($codedata["code"]) . "&redirect=" . htmlentities($redirecturl));
93 
+    } catch (Exception $ex) {
94 
+        sendError($ex->getMessage());
95 
+    }
96 
+}

+ 2
- 12
langs/en/core.json View File 

@@ -1,17 +1,7 @@
1 1 
 {
2 
-    "sign in": "Sign In",
3 
-    "username": "Username",
4 
-    "password": "Password",
5 
-    "continue": "Continue",
6 
-    "authcode": "Authentication code",
7 
-    "2fa prompt": "Enter the six-digit code from your mobile authenticator app.",
8 
-    "2fa incorrect": "Authentication code incorrect.",
9 
-    "login incorrect": "Login incorrect.",
2 
+    "You have been logged out.": "You have been logged out.",
3 
+    "Log in again": "Log in again",
10 4 
     "login server unavailable": "Login server unavailable.  Try again later or contact technical support.",
11 
-    "account locked": "This account has been disabled. Contact technical support.",
12 
-    "password expired": "You must change your password before continuing.",
13 
-    "account terminated": "Account terminated.  Access denied.",
14 
-    "account state error": "Your account state is not stable.  Log out, restart your browser, and try again.",
15 5 
     "welcome user": "Welcome, {user}!",
16 6 
     "sign out": "Sign out",
17 7 
     "settings": "Settings",

Write Preview
Loading…
Cancel
Save