Worky
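--- a/includes/authcheck.php
+++ b/includes/authcheck.php
@@ -0,0 +1,22 @@
+<?php
+
+// Secure session settings
+ini_set('session.cookie_httponly', 1);
+ini_set('session.cookie_secure', 1);
+ini_set('session.use_strict_mode', 1);
+
+session_start();
+
+function isAuthenticated(): bool {
+if (isset($_SESSION['authenticated']) && $_SESSION['authenticated'] === true) {
+return true;
+} else {
+return false;
+}
+}
+
+// Usage
+if (!isAuthenticated()) {
+header('Location: /login');
+exit();
+}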
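Review bot: The session settings at the top of includes/authcheck.php enable HttpOnly, Secure and strict mode but leave SameSite unset, so whether the session cookie accompanies cross-site requests is left to browser defaults. Adding `ini_set('session.cookie_samesite', 'Lax');` before `session_start()` makes that explicit; the directive needs PHP 7.3 or later, and the page does not state the target version. The redirect `header('Location: /login');` is hard-coded to the web root, while includes/header.php builds its links from `$base_url` and uses `/login/`, so a deployment under a sub-path would presumably redirect to the wrong place. The body of `isAuthenticated()` can be reduced to `return ($_SESSION['authenticated'] ?? false) === true;`.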
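--- a/includes/footer.php
+++ b/includes/footer.php
@@ -0,0 +1 @@
+<?php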
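--- a/includes/header.php
+++ b/includes/header.php
@@ -0,0 +1,15 @@
+<?php
+include_once($_SERVER['DOCUMENT_ROOT'] . "/config.php")
+?>
+<div class="tab">
+<a class="tablinks" href="<?php echo $base_url ?>/">Home</a>
+<a class="tablinks" href="<?php echo $base_url ?>/panel/">Panel</a>
+<!--<a class="tablinks" href="/task/new/">New Task</a>-->
+<?php
+if (isset($_SESSION['authenticated']) && $_SESSION['authenticated'] === true) {
+echo '<a class="tablinks" href="' . $base_url . '/logout/">Logout</a>';
+} else {
+echo '<a class="tablinks" href="' . $base_url . '/login/">Login</a>';
+}
+?>
+</div>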
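Review bot: `$base_url` is written into the `href` attributes and both `echo` lines without HTML escaping. config.php is not shown here, so if that value is ever derived from request data such as the Host header it reaches the markup unfiltered; wrapping each output as `htmlspecialchars($base_url, ENT_QUOTES, 'UTF-8')` keeps the template safe whatever the source is. The Login/Logout branch repeats the `$_SESSION['authenticated']` test from includes/authcheck.php instead of sharing one helper, so the two copies can drift apart. This file also does not start a session itself, so on a page that includes it without a session already started the tab would presumably always show Login.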
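--- a/includes/utils.php
+++ b/includes/utils.php
@@ -0,0 +1,36 @@
+<?php
+/**
+* Get header Authorization
+* */
+function get_authorization_header(): ?string {
+$headers = null;
+if (isset($_SERVER['Authorization'])) {
+$headers = trim($_SERVER["Authorization"]);
+}
+else if (isset($_SERVER['HTTP_AUTHORIZATION'])) { //Nginx or fast CGI
+$headers = trim($_SERVER["HTTP_AUTHORIZATION"]);
+} elseif (function_exists('apache_request_headers')) {
+$requestHeaders = apache_request_headers();
+// Server-side fix for bug in old Android versions (a nice side-effect of this fix means we don't care about capitalization for Authorization)
+$requestHeaders = array_combine(array_map('ucwords', array_keys($requestHeaders)), array_values($requestHeaders));
+//print_r($requestHeaders);
+if (isset($requestHeaders['Authorization'])) {
+$headers = trim($requestHeaders['Authorization']);
+}
+}
+return $headers;
+}
+
+/**
+* get access token from header
+* */
+function get_bearer_token(): ?string {
+$headers = get_authorization_header();
+// HEADER: Get the access token from the header
+if (!empty($headers)) {
+if (preg_match('/Bearer\s(\S+)/', $headers, $matches)) {
+return $matches[1];
+}
+}
+return null;
+}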
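Review bot: The pattern in `get_bearer_token()`, `'/Bearer\s(\S+)/'`, is unanchored, so it matches the word anywhere in the header value, including after a different scheme name, and it rejects a lowercase `bearer` even though scheme names are case-insensitive. Anchoring it as `'/^Bearer\s+(\S+)$/i'` restricts the match to a header that is exactly one Bearer credential. In `get_authorization_header()`, `array_map('ucwords', ...)` only upper-cases the first letter of each key and leaves the rest as sent, so `AUTHORIZATION` would still be missed despite what the comment says; `array_change_key_case($requestHeaders, CASE_LOWER)` with a lookup of `'authorization'` does what the comment claims. The commented-out `print_r($requestHeaders)` would dump the Authorization header into the response if re-enabled and is better deleted.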