Browse Source

Add permission check during login

master
Skylar Ittner 8 months ago
parent
commit
1729b842ba
2 changed files with 8 additions and 0 deletions
  1. 5
    0
      index.php
  2. 3
    0
      settings.template.php

+ 5
- 0
index.php View File

@@ -82,6 +82,11 @@ if (empty($_SESSION["login_code"])) {
}
if (is_numeric($uidinfo['uid'])) {
$user = new User($uidinfo['uid'] * 1);
foreach ($SETTINGS['permissions'] as $perm) {
if (!$user->hasPermission($perm)) {
die($Strings->get("no access permission", false));
}
}
Session::start($user);
$_SESSION["login_code"] = null;
header('Location: app.php');

+ 3
- 0
settings.template.php View File

@@ -36,6 +36,9 @@ $SETTINGS = [
// API key
"key" => "123"
],
// List of required user permissions to access this app.
"permissions" => [
],
// For supported values, see http://php.net/manual/en/timezones.php
"timezone" => "America/Denver",
// Language to use for localization. See langs folder to add a language.

Loading…
Cancel
Save