Add permission check during login

master
Skylar Ittner 5 years ago
parent 4d2b78bdba
commit 1729b842ba

@ -82,6 +82,11 @@ if (empty($_SESSION["login_code"])) {
}
if (is_numeric($uidinfo['uid'])) {
$user = new User($uidinfo['uid'] * 1);
foreach ($SETTINGS['permissions'] as $perm) {
if (!$user->hasPermission($perm)) {
die($Strings->get("no access permission", false));
}
}
Session::start($user);
$_SESSION["login_code"] = null;
header('Location: app.php');

@ -36,6 +36,9 @@ $SETTINGS = [
// API key
"key" => "123"
],
// List of required user permissions to access this app.
"permissions" => [
],
// For supported values, see http://php.net/manual/en/timezones.php
"timezone" => "America/Denver",
// Language to use for localization. See langs folder to add a language.

Loading…
Cancel
Save