added apikey authn
This commit is contained in:
jakani24
32
src/server/cyberhex-code/api/php/accessctrl/check_apikey.php
Normal file
32
src/server/cyberhex-code/api/php/accessctrl/check_apikey.php
Normal file
@@ -0,0 +1,32 @@
|
|||||||
|
<?php
|
||||||
|
function check_apikey(){
|
||||||
|
include "../../../config.php";
|
||||||
|
$conn = new mysqli($DB_SERVERNAME, $DB_USERNAME, $DB_PASSWORD,$DB_DATABASE);
|
||||||
|
if ($conn->connect_error) {
|
||||||
|
$success=0;
|
||||||
|
die("Connection failed: " . $conn->connect_error);
|
||||||
|
}
|
||||||
|
if(!isset($_GET["apikey"]) or !isset($_GET["machineid"])){
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
else{
|
||||||
|
$apikey=$_GET["apikey"];
|
||||||
|
$machineid=$_GET["machineid"];
|
||||||
|
$sql = "SELECT * FROM api WHERE apikey = ? and machineid = ?";
|
||||||
|
$stmt = $conn->prepare($sql);
|
||||||
|
$stmt->bind_param("ss", $apikey,$machineid);
|
||||||
|
|
||||||
|
// Execute the statement
|
||||||
|
$stmt->execute();
|
||||||
|
|
||||||
|
// Get the result
|
||||||
|
$result = $stmt->get_result();
|
||||||
|
|
||||||
|
// Check if the user exists and verify the password
|
||||||
|
if ($result->num_rows > 0) {
|
||||||
|
return true;
|
||||||
|
//apikey authenticated
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
?>
|
||||||
@@ -1,6 +1,10 @@
|
|||||||
<?php
|
<?php
|
||||||
//we need to auth the user => apikey
|
//we need to auth the user => apikey
|
||||||
//put auth code here afterwards
|
//put auth code here afterwards
|
||||||
|
include "../accessctrl/check_apikey.php";
|
||||||
|
if(check_apikey()!==true){
|
||||||
|
die("no_atuh");
|
||||||
|
}
|
||||||
|
|
||||||
//add the entry to the log db
|
//add the entry to the log db
|
||||||
//this page has no gui, it may return ok or error
|
//this page has no gui, it may return ok or error
|
||||||
|
|||||||
@@ -1,6 +1,11 @@
|
|||||||
<?php
|
<?php
|
||||||
//we need to auth the user => apikey
|
//we need to auth the user => apikey
|
||||||
//put auth code here afterwards
|
//put auth code here afterwards
|
||||||
|
include "../accessctrl/check_apikey.php";
|
||||||
|
if(check_apikey()!==true){
|
||||||
|
die("no_atuh");
|
||||||
|
}
|
||||||
|
|
||||||
$setting_virus_ctrl_virus_found_action = "not configured yet";
|
$setting_virus_ctrl_virus_found_action = "not configured yet";
|
||||||
$setting_server_server_url="not configured yet";
|
$setting_server_server_url="not configured yet";
|
||||||
$setting_rtp_folder_scan_status=0;
|
$setting_rtp_folder_scan_status=0;
|
||||||
|
|||||||
@@ -310,7 +310,7 @@ function load_settings(){
|
|||||||
</div>
|
</div>
|
||||||
<div id="rtp" style="display:none">
|
<div id="rtp" style="display:none">
|
||||||
<h4>RTP</h4>
|
<h4>RTP</h4>
|
||||||
<h7>RTP: folderscanner on/off</h7>
|
<h7>RTP: on/off</h7>
|
||||||
<div class="form-check form-switch">
|
<div class="form-check form-switch">
|
||||||
<?php if($setting_rtp_folder_scan_status=="true")
|
<?php if($setting_rtp_folder_scan_status=="true")
|
||||||
echo ("<input class=\"form-check-input\" type=\"checkbox\" role=\"switch\" id=\"flexSwitchCheckDefault\" onclick=\"update_switch('flexSwitchCheckDefault','setting_rtp_folder_scan_status')\" checked>");
|
echo ("<input class=\"form-check-input\" type=\"checkbox\" role=\"switch\" id=\"flexSwitchCheckDefault\" onclick=\"update_switch('flexSwitchCheckDefault','setting_rtp_folder_scan_status')\" checked>");
|
||||||
|
|||||||
Reference in New Issue
Block a user