Jakach/jakach-logging
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4565678c5a6c0faf7a67412028c76fa83e956cad
jakach-logging/public/oauth.php
T
janis 4565678c5a
Deploy / deploy (push) Successful in 8s
Details
fixing login issues
2026-05-06 12:03:41 +02:00

74 lines
2.1 KiB
PHP
Raw Blame History

<?php
require_once __DIR__ . '/../vendor/autoload.php';
use Jakach\Logging\Storage\Database;
use Jakach\Logging\Storage\Repository;
session_set_cookie_params([
'lifetime' => 86400 * 7,
'path' => '/',
'httponly' => true,
'samesite' => 'Lax',
]);
session_start();
$authToken = $_GET['auth'] ?? '';
$errorRedirect = $_GET['redirect'] ?? '/';
if (!$authToken) {
$_SESSION['auth_error'] = 'Missing authentication token.';
header('Location: ' . $errorRedirect);
exit;
}
$checkUrl = 'https://auth.jakach.ch/api/auth/check_auth_key.php?auth_token=' . urlencode($authToken);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $checkUrl);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_TIMEOUT, 10);
$response = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
if ($httpCode !== 200 || !$response) {
$_SESSION['auth_error'] = 'Authentication server is unreachable. Please try again later.';
header('Location: ' . $errorRedirect);
exit;
}
$data = json_decode($response, true);
if (!isset($data['status']) || $data['status'] !== 'success') {
$_SESSION['auth_error'] = 'Authentication failed: ' . ($data['msg'] ?? 'Unknown error');
header('Location: ' . $errorRedirect);
exit;
}
$userToken = $data['user_token'] ?? '';
$db = new Database();
$repo = new Repository($db);
$allowedTokens = $repo->getAllowedUserTokens();
if (empty($allowedTokens)) {
$repo->setAllowedUserTokens([$userToken]);
} elseif (!in_array($userToken, $allowedTokens, true)) {
$_SESSION['auth_error'] = 'Your Jakach account is not authorized to access this system. Contact an administrator.';
header('Location: ' . $errorRedirect);
exit;
}
$_SESSION['loggedin'] = true;
$_SESSION['username'] = $data['username'] ?? 'unknown';
$_SESSION['id'] = $data['id'] ?? '';
$_SESSION['email'] = $data['email'] ?? '';
$_SESSION['telegram_id'] = $data['telegram_id'] ?? '';
$_SESSION['user_token'] = $userToken;
unset($_SESSION['auth_error']);
$redirect = $_GET['redirect'] ?? '/';
header('Location: ' . $redirect);
exit;
Reference in New Issue View Git Blame Copy Permalink