Jakach/jakach-login
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fixing some security issues and harderning service
Deploy / deploy (push) Successful in 38s
Details

Browse Source
This commit is contained in:
janis steiner
2026-05-06 08:51:51 +02:00
parent 4d8ce1da43
commit 7ae7df0a11
30 changed files with 328 additions and 124 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app-code/plugins/auth.php
+8 -3
View File
@@ -2,10 +2,16 @@
/*
This file can be installed in any service. If done so a user can authenticate with Jakach Auth. Jakach Auth will redirect the user here where their token gets validated, and then they can be logged in to your service.
*/
$auth_token = $_GET["auth"];
$auth_token = $_GET["auth"] ?? "";
header('Content-Type: application/json');
if ($auth_token === '') {
echo json_encode(['status' => 'failure', 'msg' => 'Missing auth token']);
exit;
}
// Check the auth token against Jakach login API
$check_url = "https://auth.jakach.ch/api/auth/check_auth_key.php?auth_token=" . $auth_token;
$check_url = "https://auth.jakach.ch/api/auth/check_auth_key.php?auth_token=" . rawurlencode($auth_token);
// Initialize cURL
$ch = curl_init();
@@ -47,4 +53,3 @@ if (isset($data['status'])) {
echo json_encode(['status' => 'failure', 'msg' => 'Invalid response from authentication server']);
}
?>