Account and permission manager and security log viewer. https://netsyms.biz/apps/managepanel
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

Login.lib.php 2.1KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980
  1. <?php
  2. /*
  3. * This Source Code Form is subject to the terms of the Mozilla Public
  4. * License, v. 2.0. If a copy of the MPL was not distributed with this
  5. * file, You can obtain one at http://mozilla.org/MPL/2.0/.
  6. */
  7. class Login {
  8. const BAD_USERPASS = 1;
  9. const BAD_2FA = 2;
  10. const ACCOUNT_DISABLED = 3;
  11. const LOGIN_OK = 4;
  12. public static function auth(string $username, string $password, string $twofa = ""): int {
  13. global $database;
  14. $username = strtolower($username);
  15. $user = User::byUsername($username);
  16. if (!$user->exists()) {
  17. return Login::BAD_USERPASS;
  18. }
  19. if (!$user->checkPassword($password)) {
  20. return Login::BAD_USERPASS;
  21. }
  22. if ($user->has2fa()) {
  23. if (!$user->check2fa($twofa)) {
  24. return Login::BAD_2FA;
  25. }
  26. }
  27. switch ($user->getStatus()->get()) {
  28. case AccountStatus::TERMINATED:
  29. return Login::BAD_USERPASS;
  30. case AccountStatus::LOCKED_OR_DISABLED:
  31. return Login::ACCOUNT_DISABLED;
  32. case AccountStatus::NORMAL:
  33. default:
  34. return Login::LOGIN_OK;
  35. }
  36. return Login::LOGIN_OK;
  37. }
  38. /**
  39. * Check the login server API for sanity
  40. * @return boolean true if OK, else false
  41. */
  42. public static function checkLoginServer() {
  43. try {
  44. $resp = AccountHubApi::get("ping");
  45. if ($resp['status'] == "OK") {
  46. return true;
  47. } else {
  48. return false;
  49. }
  50. } catch (Exception $e) {
  51. return false;
  52. }
  53. }
  54. /**
  55. * Checks if the given AccountHub API key is valid by attempting to
  56. * access the API with it.
  57. * @param String $key The API key to check
  58. * @return boolean TRUE if the key is valid, FALSE if invalid or something went wrong
  59. */
  60. function checkAPIKey($key) {
  61. try {
  62. $resp = AccountHubApi::get("ping", null, true);
  63. return false;
  64. } catch (Exception $e) {
  65. return false;
  66. }
  67. }
  68. }