Browse Source

Merge BusinessAppTemplate

# Conflicts:
#	lib/User.lib.php
#	pages/form.php
Skylar Ittner 1 month ago
parent
commit
be00440f58
4 changed files with 45 additions and 23 deletions
  1. 13
    15
      api/functions.php
  2. 2
    0
      api/index.php
  3. 22
    6
      lib/FormBuilder.lib.php
  4. 8
    2
      lib/User.lib.php

+ 13
- 15
api/functions.php View File

@@ -55,24 +55,22 @@ function authenticate(): bool {
55 55
     global $VARS;
56 56
     // HTTP basic auth
57 57
     if (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) {
58
-        $user = User::byUsername($_SERVER['PHP_AUTH_USER']);
59
-        if (!$user->checkPassword($_SERVER['PHP_AUTH_PW'])) {
60
-            return false;
61
-        }
62
-        return true;
63
-    }
64
-    // Form auth
65
-    if (empty($VARS['username']) || empty($VARS['password'])) {
66
-        return false;
67
-    } else {
58
+        $username = $_SERVER['PHP_AUTH_USER'];
59
+        $password = $_SERVER['PHP_AUTH_PW'];
60
+    } else if (!empty($VARS['username']) && !empty($VARS['password'])) {
68 61
         $username = $VARS['username'];
69 62
         $password = $VARS['password'];
70
-        $user = User::byUsername($username);
71
-        if ($user->exists() !== true || Login::auth($username, $password) !== Login::LOGIN_OK) {
72
-            return false;
73
-        }
63
+    } else {
64
+        return false;
65
+    }
66
+    $user = User::byUsername($username);
67
+    if (!$user->exists()) {
68
+        return false;
69
+    }
70
+    if ($user->checkPassword($password, true)) {
71
+        return true;
74 72
     }
75
-    return true;
73
+    return false;
76 74
 }
77 75
 
78 76
 /**

+ 2
- 0
api/index.php View File

@@ -10,6 +10,8 @@ require __DIR__ . '/../required.php';
10 10
 require __DIR__ . '/functions.php';
11 11
 require __DIR__ . '/apisettings.php';
12 12
 
13
+header("Access-Control-Allow-Origin: *");
14
+
13 15
 $VARS = $_GET;
14 16
 if ($_SERVER['REQUEST_METHOD'] != "GET") {
15 17
     $VARS = array_merge($VARS, $_POST);

+ 22
- 6
lib/FormBuilder.lib.php View File

@@ -178,7 +178,10 @@ HTMLTOP;
178 178
             }
179 179
             $itemhtml = "";
180 180
             $itemlabel = "";
181
-            if ($item['type'] != "checkbox") {
181
+
182
+            if ($item['type'] == "textarea") {
183
+                $itemlabel = "<label class=\"mb-0\"><i class=\"$item[icon]\"></i> $item[label]:</label>";
184
+            } else if ($item['type'] != "checkbox") {
182 185
                 $itemlabel = "<label class=\"mb-0\">$item[label]:</label>";
183 186
             }
184 187
             $strippedlabel = strip_tags($item['label']);
@@ -186,13 +189,16 @@ HTMLTOP;
186 189
 \n\n                <div class="col-12 col-md-$item[width]">
187 190
                     <div class="form-group mb-3">
188 191
                         $itemlabel
189
-                        <div class="input-group">
192
+ITEMTOP;
193
+            $inputgrouptop = <<<INPUTG
194
+\n                            <div class="input-group">
190 195
                             <div class="input-group-prepend">
191 196
                                 <span class="input-group-text"><i class="$item[icon]"></i></span>
192 197
                             </div>
193
-ITEMTOP;
198
+INPUTG;
194 199
             switch ($item['type']) {
195 200
                 case "select":
201
+                    $itemhtml .= $inputgrouptop;
196 202
                     $itemhtml .= <<<SELECT
197 203
 \n                            <select class="form-control" name="$item[name]" aria-label="$strippedlabel" $required>
198 204
 SELECT;
@@ -206,6 +212,7 @@ SELECT;
206 212
                     $itemhtml .= "\n                            </select>";
207 213
                     break;
208 214
                 case "checkbox":
215
+                    $itemhtml .= $inputgrouptop;
209 216
                     $itemhtml .= <<<CHECKBOX
210 217
 \n                            <div class="form-group form-check">
211 218
                                 <input type="checkbox" name="$item[name]" $id class="form-check-input" value="$item[value]" $required aria-label="$strippedlabel">
@@ -213,7 +220,14 @@ SELECT;
213 220
                               </div>
214 221
 CHECKBOX;
215 222
                     break;
223
+                case "textarea":
224
+                    $val = htmlentities($item['value']);
225
+                    $itemhtml .= <<<TEXTAREA
226
+\n                            <textarea class="form-control" id="info" name="$item[name]" aria-label="$strippedlabel" minlength="$item[minlength]" maxlength="$item[maxlength]" $required>$val</textarea>
227
+TEXTAREA;
228
+                    break;
216 229
                 default:
230
+                    $itemhtml .= $inputgrouptop;
217 231
                     $itemhtml .= <<<INPUT
218 232
 \n                            <input type="$item[type]" name="$item[name]" $id class="form-control" aria-label="$strippedlabel" minlength="$item[minlength]" maxlength="$item[maxlength]" $pattern value="$item[value]" $required />
219 233
 INPUT;
@@ -227,9 +241,11 @@ INPUT;
227 241
                             </div>
228 242
 ERROR;
229 243
             }
244
+            if ($item["type"] != "textarea") {
245
+                $itemhtml .= "\n                                </div>";
246
+            }
230 247
             $itemhtml .= <<<ITEMBOTTOM
231
-\n                        </div>
232
-                    </div>
248
+\n                    </div>
233 249
                 </div>\n
234 250
 ITEMBOTTOM;
235 251
             $html .= $itemhtml;
@@ -242,7 +258,7 @@ ITEMBOTTOM;
242 258
 HTMLBOTTOM;
243 259
 
244 260
         if (!empty($this->buttons)) {
245
-            $html .= "\n        <div class=\"card-footer\">";
261
+            $html .= "\n        <div class=\"card-footer d-flex\">";
246 262
             foreach ($this->buttons as $btn) {
247 263
                 $btnhtml = "";
248 264
                 $inner = "<i class=\"$btn[icon]\"></i> $btn[text]";

+ 8
- 2
lib/User.lib.php View File

@@ -101,10 +101,16 @@ class User {
101 101
     /**
102 102
      * Check the given plaintext password against the stored hash.
103 103
      * @param string $password
104
+     * @param bool $apppass Set to true to enforce app passwords when 2fa is on.
104 105
      * @return bool
105 106
      */
106
-    function checkPassword(string $password): bool {
107
-        return password_verify($password, $this->passhash);
107
+    function checkPassword(string $password, bool $apppass = false): bool {
108
+        $resp = AccountHubApi::get("auth", ['username' => $this->username, 'password' => $password, 'apppass' => ($apppass ? "1" : "0")]);
109
+        if ($resp['status'] == "OK") {
110
+            return true;
111
+        } else {
112
+            return false;
113
+        }
108 114
     }
109 115
 
110 116
     /**

Loading…
Cancel
Save