Jakach/armeech-neptune
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

adding authentication
Deploy / deploy (push) Successful in 38s
Details

Browse Source
This commit is contained in:
janis steiner
2026-05-07 19:40:39 +02:00
parent 1cf8d9f664
commit f5bdf57265
7 changed files with 381 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files
backend/login.php
+107
View File
@@ -0,0 +1,107 @@
<?php
session_start();
// If already logged in, redirect
if (isset($_SESSION['neptune_loggedin']) && $_SESSION['neptune_loggedin'] === true) {
header('Location: /');
exit;
}
$error = '';
$success = '';
// Check for auth callback from Jakach Auth
if (isset($_GET['auth'])) {
$auth_token = $_GET['auth'];
$check_url = "https://auth.jakach.ch/api/auth/check_auth_key.php?auth_token=" . urlencode($auth_token);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $check_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_TIMEOUT, 10);
$response = curl_exec($ch);
$http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
if ($http_code !== 200 || !$response) {
$error = 'Failed to contact authentication server.';
} else {
$data = json_decode($response, true);
if (isset($data['status']) && $data['status'] === 'success') {
$user_token = $data['user_token'];
$username = $data['username'];
$email = $data['email'] ?? '';
require_once __DIR__ . '/config/database.php';
$db = getDbConnection();
// Check if user exists in our db
$stmt = $db->prepare("SELECT * FROM neptune_users WHERE user_token = ?");
$stmt->execute([$user_token]);
$user = $stmt->fetch();
if ($user) {
$_SESSION['neptune_loggedin'] = true;
$_SESSION['neptune_user_token'] = $user['user_token'];
$_SESSION['neptune_username'] = $user['username'];
$_SESSION['neptune_role'] = $user['role'];
header('Location: /');
exit;
} else {
// First user becomes admin
$count = $db->query("SELECT COUNT(*) as c FROM neptune_users")->fetch()['c'];
$role = ($count == 0) ? 'admin' : 'user';
$stmt = $db->prepare("INSERT INTO neptune_users (user_token, username, email, role) VALUES (?, ?, ?, ?)");
$stmt->execute([$user_token, $username, $email, $role]);
$_SESSION['neptune_loggedin'] = true;
$_SESSION['neptune_user_token'] = $user_token;
$_SESSION['neptune_username'] = $username;
$_SESSION['neptune_role'] = $role;
header('Location: /');
exit;
}
} else {
$error = 'Authentication failed: ' . ($data['msg'] ?? 'unknown error');
}
}
}
?>
<!DOCTYPE html>
<html lang="en" data-bs-theme="dark">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Neptune - Login</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet">
<link href="https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.5.1/css/all.min.css" rel="stylesheet">
<style>
body { background: #0a0e1a; display: flex; align-items: center; justify-content: center; min-height: 100vh; }
.login-card { background: #131a2b; border: 1px solid #1e2a45; border-radius: .75rem; padding: 2.5rem; max-width: 420px; width: 100%; }
.login-card h1 { font-size: 1.5rem; }
.login-card p { color: #64748b; font-size: .9rem; }
.btn-jakach { background: #3b82f6; color: #fff; }
.btn-jakach:hover { background: #2563eb; color: #fff; }
</style>
</head>
<body>
<div class="login-card text-center">
<i class="fas fa-globe text-primary mb-3" style="font-size: 2.5rem;"></i>
<h1 class="fw-bold mb-1">Neptune</h1>
<p class="mb-4">Cybersecurity Incident Journal</p>
<?php if ($error): ?>
<div class="alert alert-danger py-2 small"><?= htmlspecialchars($error) ?></div>
<?php endif; ?>
<?php if ($success): ?>
<div class="alert alert-success py-2 small"><?= htmlspecialchars($success) ?></div>
<?php endif; ?>
<a href="https://auth.jakach.ch/?send_to=<?= urlencode('http://' . ($_SERVER['HTTP_HOST'] ?? 'localhost:8080') . '/login.php') ?>" class="btn btn-jakach w-100 py-2 mb-2">
<i class="fas fa-right-to-bracket me-2"></i>Log in with Jakach Auth
</a>
<small class="text-secondary">First user automatically becomes admin</small>
</div>
</body>
</html>