adding keepmeloggedin

app-code/api/login/redirect.php

@@ -2,31 +2,7 @@
 session_start();
 header('Content-Type: application/json');
 
-
-function get_location_from_ip($ip) {
-    // Use ip-api.com to fetch geolocation data
-    $url = "http://ip-api.com/json/$ip";
-
-    // Initialize curl
-    $ch = curl_init();
-    curl_setopt($ch, CURLOPT_URL, $url);
-    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
-
-    // Execute curl and decode the JSON response
-    $response = curl_exec($ch);
-    curl_close($ch);
-
-    // Convert JSON response to PHP array
-    $data = json_decode($response, true);
-
-    // Check for a successful response
-    if ($data && $data['status'] === 'success') {
-        return $data; // Return the geolocation data
-    }
-
-    return null; // Return null if API call fails
-}
-
+include "../utils/get_location.php";
 
 $send_to=$_SESSION["end_url"];
 
@@ -57,7 +33,16 @@ else if($_SESSION["needs_auth"]===false && $_SESSION["mfa_required"]==1 && $_SES
                 'redirect' => '/login/passkey.php'
         ];
         echo(json_encode($data));
-}*/else if ($_SESSION["needs_auth"]===false && $_SESSION["mfa_authenticated"]==1 && $_SESSION["pw_authenticated"]==1){
+}*/
+else if ($_SESSION["needs_auth"]===false && $_SESSION["mfa_authenticated"]==1 && $_SESSION["pw_authenticated"]==1 && $_SESSION["keepmeloggedin_asked"]==false){
+	//send to keepmelogged in question
+	$data=[
+                'message' => 'ask_keepmeloggedin',
+                'redirect' => '/login/keepmeloggedin.php'
+        ];
+        echo(json_encode($data));
+}
+else if ($_SESSION["needs_auth"]===false && $_SESSION["mfa_authenticated"]==1 && $_SESSION["pw_authenticated"]==1){
 	//fully authenticated
 	//create auth token which other services can then use to check if user logged in
 	$user_id=$_SESSION["id"];
@@ -133,7 +118,7 @@ else{
 	$username=$_SESSION["username"];
 	$_SESSION["needs_auth"]=false;
 	$_SESSION["logged_in"]=false;
-	$sql="SELECT auth_method_required_pw, auth_method_required_2fa, auth_method_required_passkey, id, user_token,last_login, login_message,telegram_id FROM users WHERE username = ?";
+	$sql="SELECT auth_method_required_pw, auth_method_required_2fa, auth_method_required_passkey, id, user_token,last_login, login_message,telegram_id, permissions FROM users WHERE username = ?";
 	$stmt = mysqli_prepare($conn, $sql);
 	mysqli_stmt_bind_param($stmt, 's', $username);
 	mysqli_stmt_execute($stmt);
@@ -145,8 +130,9 @@ else{
 	$last_login="";
 	$login_message=0;
 	$telegram_id="";
+	$permissions="";
 	if(mysqli_stmt_num_rows($stmt) == 1){
-		mysqli_stmt_bind_result($stmt, $pw,$mfa,$passkey,$user_id,$user_token,$last_login,$login_message,$telegram_id);
+		mysqli_stmt_bind_result($stmt, $pw,$mfa,$passkey,$user_id,$user_token,$last_login,$login_message,$telegram_id,$permissions);
 		mysqli_stmt_fetch($stmt);
 		$_SESSION["pw_required"] = $pw;
 		$_SESSION["pw_authenticated"] = ($pw == 0) ? 1 : 0; // If $pw is 0, set pw_authenticated to 1
@@ -159,6 +145,8 @@ else{
 		$_SESSION["last_login"]=$last_login;
 		$_SESSION["telegram_id"]=$telegram_id;
 		$_SESSION["login_message"]=$login_message;
+		$_SESSION["permissions"]=$permissions;
+		$_SESSION["keepmeloggedin_asked"]=false;
 		$data=[
 			'message' => 'prepared_start_auth',
 			'redirect' => '/login/'