@@ -5,17 +5,22 @@
|
||||
$conn = new mysqli($DB_SERVERNAME, $DB_USERNAME, $DB_PASSWORD, $DB_DATABASE);
|
||||
if (isset($_COOKIE['auth_token'])) {
|
||||
$auth_token=$_COOKIE['auth_token'];
|
||||
$auth_token_hash=remember_token_hash($auth_token);
|
||||
$sql="SELECT user_id,agent FROM keepmeloggedin WHERE auth_token = ?";
|
||||
$user_id=0;
|
||||
$agent="";
|
||||
$stmt = mysqli_prepare($conn, $sql);
|
||||
mysqli_stmt_bind_param($stmt, 's',$auth_token);
|
||||
mysqli_stmt_bind_param($stmt, 's',$auth_token_hash);
|
||||
mysqli_stmt_execute($stmt);
|
||||
mysqli_stmt_store_result($stmt);
|
||||
if(mysqli_stmt_num_rows($stmt) == 1){
|
||||
mysqli_stmt_bind_result($stmt, $user_id,$agent);
|
||||
mysqli_stmt_fetch($stmt);
|
||||
mysqli_stmt_close($stmt);
|
||||
if (!hash_equals($agent, $_SERVER['HTTP_USER_AGENT'] ?? "")) {
|
||||
delete_cookie("auth_token");
|
||||
return $ret;
|
||||
}
|
||||
|
||||
//load user data
|
||||
$sql="SELECT auth_method_required_pw, auth_method_required_2fa, auth_method_required_passkey, username, user_token,last_login, login_message,telegram_id, permissions FROM users WHERE id = ?";
|
||||
@@ -52,6 +57,7 @@
|
||||
$_SESSION["keepmeloggedin_asked"]=true;
|
||||
$_SESSION["logged_in"]=true;
|
||||
$_SESSION["needs_auth"]=false;
|
||||
session_regenerate_id(true);
|
||||
$ret="success";
|
||||
}
|
||||
mysqli_stmt_close($stmt);
|
||||
|
||||
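Review bot: The new user-agent check ends with `delete_cookie("auth_token");` and `return $ret;`, which clears the browser cookie but leaves the matching `keepmeloggedin` row untouched, so a token whose agent string no longer matches remains usable by any client that presents the recorded agent. Since `$auth_token_hash` is already computed, revoking the row server-side before the return is three lines: `$del = mysqli_prepare($conn, "DELETE FROM keepmeloggedin WHERE auth_token = ?");`, `mysqli_stmt_bind_param($del, 's', $auth_token_hash);`, `mysqli_stmt_execute($del);` (followed by `mysqli_stmt_close($del);`). If the `agent` column is nullable, `mysqli_stmt_bind_result` hands `hash_equals` a null, which PHP 8.1+ reports as a deprecation (a TypeError under `strict_types`); `hash_equals((string) $agent, $_SERVER['HTTP_USER_AGENT'] ?? "")` keeps the comparison well-typed. As a style point, `mysqli_stmt_num_rows($stmt) == 1` should be `=== 1` to match the strict comparisons used elsewhere in this commit. The enclosing function, including where `$ret` is initialised, starts and ends outside the hunk.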
@@ -0,0 +1,128 @@
|
||||
<?php
|
||||
|
||||
function secure_session_start(): void
|
||||
{
|
||||
if (session_status() === PHP_SESSION_ACTIVE) {
|
||||
return;
|
||||
}
|
||||
|
||||
$is_https = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off')
|
||||
|| (isset($_SERVER['SERVER_PORT']) && (int) $_SERVER['SERVER_PORT'] === 443);
|
||||
|
||||
session_set_cookie_params([
|
||||
'lifetime' => 0,
|
||||
'path' => '/',
|
||||
'domain' => '',
|
||||
'secure' => $is_https,
|
||||
'httponly' => true,
|
||||
'samesite' => 'Lax',
|
||||
]);
|
||||
|
||||
session_start();
|
||||
}
|
||||
|
||||
function json_response(array $data, int $status_code = 200): void
|
||||
{
|
||||
http_response_code($status_code);
|
||||
header('Content-Type: application/json');
|
||||
echo json_encode($data);
|
||||
exit;
|
||||
}
|
||||
|
||||
function require_same_origin_request(): void
|
||||
{
|
||||
if (!in_array($_SERVER['REQUEST_METHOD'] ?? 'GET', ['POST', 'PUT', 'PATCH', 'DELETE'], true)) {
|
||||
return;
|
||||
}
|
||||
|
||||
$host = $_SERVER['HTTP_HOST'] ?? '';
|
||||
$source = $_SERVER['HTTP_ORIGIN'] ?? $_SERVER['HTTP_REFERER'] ?? '';
|
||||
|
||||
if ($source === '') {
|
||||
return;
|
||||
}
|
||||
|
||||
$source_host = parse_url($source, PHP_URL_HOST);
|
||||
$source_port = parse_url($source, PHP_URL_PORT);
|
||||
if ($source_host && $source_port) {
|
||||
$source_host .= ':' . $source_port;
|
||||
}
|
||||
|
||||
if (!$source_host || !hash_equals(strtolower($host), strtolower($source_host))) {
|
||||
json_response(['success' => false, 'message' => 'Invalid request origin.'], 403);
|
||||
}
|
||||
}
|
||||
|
||||
function require_logged_in(): void
|
||||
{
|
||||
if (!isset($_SESSION['logged_in']) || $_SESSION['logged_in'] !== true || empty($_SESSION['id'])) {
|
||||
json_response(['success' => false, 'message' => 'Not logged in'], 401);
|
||||
}
|
||||
}
|
||||
|
||||
function is_admin_session(): bool
|
||||
{
|
||||
return !empty($_SESSION['permissions'])
|
||||
&& is_string($_SESSION['permissions'])
|
||||
&& isset($_SESSION['permissions'][0])
|
||||
&& $_SESSION['permissions'][0] === '1';
|
||||
}
|
||||
|
||||
function remember_token_hash(string $token): string
|
||||
{
|
||||
return hash('sha256', $token);
|
||||
}
|
||||
|
||||
function set_secure_cookie(string $name, string $value, int $expires): void
|
||||
{
|
||||
$is_https = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off')
|
||||
|| (isset($_SERVER['SERVER_PORT']) && (int) $_SERVER['SERVER_PORT'] === 443);
|
||||
|
||||
setcookie($name, $value, [
|
||||
'expires' => $expires,
|
||||
'path' => '/',
|
||||
'secure' => $is_https,
|
||||
'httponly' => true,
|
||||
'samesite' => 'Lax',
|
||||
]);
|
||||
}
|
||||
|
||||
function delete_cookie(string $name): void
|
||||
{
|
||||
set_secure_cookie($name, '', time() - 3600);
|
||||
}
|
||||
|
||||
function normalize_redirect_target(?string $target): string
|
||||
{
|
||||
$target = trim((string) $target);
|
||||
if ($target === '') {
|
||||
return '/account/';
|
||||
}
|
||||
|
||||
if (preg_match('/[\r\n]/', $target)) {
|
||||
return '/account/';
|
||||
}
|
||||
|
||||
if (str_starts_with($target, '/') && !str_starts_with($target, '//')) {
|
||||
return $target;
|
||||
}
|
||||
|
||||
$parts = parse_url($target);
|
||||
if (!$parts || empty($parts['scheme']) || empty($parts['host'])) {
|
||||
return '/account/';
|
||||
}
|
||||
|
||||
if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
|
||||
return '/account/';
|
||||
}
|
||||
|
||||
return $target;
|
||||
}
|
||||
|
||||
function append_auth_token_to_redirect(string $redirect, string $auth_token): string
|
||||
{
|
||||
$separator = str_contains($redirect, '?') ? '&' : '?';
|
||||
return $redirect . $separator . 'auth=' . rawurlencode($auth_token);
|
||||
}
|
||||
|
||||
?>
|
||||
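Review bot: `normalize_redirect_target` returns any absolute `http`/`https` URL unchanged at its final `return $target;`, and `append_auth_token_to_redirect` then appends `auth=` to that same URL, so whoever supplies the redirect parameter decides which host receives the token. Unless cross-host redirects are intended, pin the host to the one serving the request before that return — `$target_host = strtolower($parts['host'] . (isset($parts['port']) ? ':' . $parts['port'] : ''));` followed by `if ($target_host !== strtolower($_SERVER['HTTP_HOST'] ?? '')) { return '/account/'; }` — or compare against an explicit allowlist if other hosts are legitimate. The relative-path branch should also reject a `/\` prefix, because the WHATWG URL parser used by browsers treats a backslash after the leading slash like `//`: `!str_starts_with($target, '//') && !str_starts_with($target, '/\\')`. Separately, `require_same_origin_request` returns early when neither `Origin` nor `Referer` is present, which lets a header-less state-changing request through; if the clients are browsers, which always send `Origin` on cross-site POSTs, treating `$source === ''` as a 403 fails closed instead. Finally, the file ends with `?>` and a trailing line, which PSR-1 style omits so that stray output cannot precede the `header()` call in `json_response`.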