jokob-sk 044de61ab5
⬇CSV Import work #808
2024-09-30 10:30:09 +10:00
<?php
// Constants: location of the app config (relative to the web root) and the
// name of the "save login" cookie checked by the authentication block below.
define('CONFIG_PATH', "{$_SERVER['DOCUMENT_ROOT']}/../config/app.conf");
define('COOKIE_SAVE_LOGIN_NAME', 'NetAlertX_SaveLogin');
// Utility Functions
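/**
 * Find the first config line matching $pattern and split it into [key, value].
 *
 * @param string   $pattern      PCRE pattern applied to each raw line (trailing newline included)
 * @param string[] $config_lines lines as returned by file()
 * @return string[]|null [key, value] of the first matching line, or null when nothing matches.
 *                       The value keeps whatever trailed it on the line (e.g. "\n"), so callers trim it.
 */
function getConfigLine(string $pattern, array $config_lines): ?array {
    $matches = preg_grep($pattern, $config_lines);
    // preg_grep() returns false on a bad pattern and [] on no match; both mean "nothing found".
    if (empty($matches)) {
        return null;
    }
    // Split on the first "=" only, so a value that itself contains "=" is not fragmented.
    return explode('=', reset($matches), 2);
}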
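/**
 * Extract the quoted value from the first config line matching $pattern.
 *
 * The value is whatever sits between the first and second occurrence of
 * $delimiter on that line (e.g. the abc in KEY='abc').
 *
 * @param string   $pattern      PCRE pattern applied to each raw line
 * @param string[] $config_lines lines as returned by file()
 * @param string   $delimiter    quote character surrounding the value
 * @return string the value, or '' when no line matches or the line holds no delimited value
 */
function getConfigValue(string $pattern, array $config_lines, string $delimiter = "'"): string {
    $line = preg_grep($pattern, $config_lines);
    if (empty($line)) {
        return '';
    }
    $parts = explode($delimiter, reset($line));
    // A matching line without the delimiter has no quoted value; report it as empty
    // instead of reading a missing offset.
    return $parts[1] ?? '';
}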
/**
 * Send a Location header for $url and stop script execution.
 * Must run before any output has been emitted, otherwise header() cannot be sent.
 */
function redirect($url) {
    header('Location: ' . $url);
    exit;
}
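// Initialization
$protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https://' : 'http://';
$url = $protocol . ($_SERVER['SERVER_NAME'] ?? '') . ($_SERVER['REQUEST_URI'] ?? '');
// Detect the logon page from the script the server resolved, not from $url:
// REQUEST_URI carries the query string, so a substring test on the full URL would
// let any request with "index.php" somewhere in its query skip the redirect below.
$isLogonPage = basename((string) ($_SERVER['SCRIPT_NAME'] ?? '')) === 'index.php';
// apache_request_headers() is not present on every SAPI; fall back to the CGI variable.
$authHeader = function_exists('apache_request_headers')
    ? (apache_request_headers()['Authorization'] ?? '')
    : ($_SERVER['HTTP_AUTHORIZATION'] ?? '');
// Start session if not already started (must happen before $_SESSION is read)
if (session_status() === PHP_SESSION_NONE) {
    session_start();
}
$sessionLogin = $_SESSION['login'] ?? 0;
// Handle logout
if (($_REQUEST['action'] ?? '') === 'logout') {
    $_SESSION = []; // session_destroy() only removes the stored data; clear the in-memory copy too
    session_destroy();
    setcookie(COOKIE_SAVE_LOGIN_NAME, '', time() - 3600);
    redirect('index.php');
}
// Load configuration
if (!file_exists(CONFIG_PATH)) {
    die("Configuration file not found.");
}
$configLines = file(CONFIG_PATH);
if ($configLines === false) {
    die("Configuration file could not be read.");
}
// Handle web protection and password
$nax_WebProtection = strtolower(trim(getConfigLine('/^SETPWD_enable_password.*=/', $configLines)[1] ?? 'false'));
$nax_Password = getConfigValue('/^SETPWD_password.*=/', $configLines);
$api_token = getConfigValue('/^SYNC_api_token.*=/', $configLines, "'");
$expectedToken = 'Bearer ' . $api_token;
// Authentication Handling
if ($nax_WebProtection === 'true') {
    // Bearer auth is only honoured when a token is actually configured, so an empty
    // SYNC_api_token cannot be matched by a bare "Bearer" header; hash_equals()
    // keeps the comparison constant-time.
    if ($api_token !== '' && is_string($authHeader) && hash_equals($expectedToken, $authHeader)) {
        $_SESSION['login'] = 1; // User authenticated with bearer token
    } elseif (!empty($authHeader)) {
        // NOTE(review): this emits output; if the same request is redirected below,
        // header() can no longer be sent. Kept as-is because API clients rely on the message.
        echo "[Security] Incorrect Bearer Token";
    }
    // "Save login" cookie: compared constant-time, as a string, and only against a
    // non-empty configured value so an empty SETPWD_password cannot be matched.
    $savedLogin = $_COOKIE[COOKIE_SAVE_LOGIN_NAME] ?? null;
    $cookieLogin = is_string($savedLogin) && $nax_Password !== '' && hash_equals($nax_Password, $savedLogin);
    $sessionAuthenticated = (int) ($_SESSION['login'] ?? 0) === 1;
    // Logged in, or already on index.php: stay. Otherwise send the user to the logon page.
    if (!($sessionAuthenticated || $isLogonPage || $cookieLogin)) {
        redirect('/index.php');
    }
}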