author | RaindropsSys <raindrops@equestria.dev> | 2024-05-11 22:37:04 +0200 |
---|---|---|
committer | RaindropsSys <raindrops@equestria.dev> | 2024-05-11 22:37:04 +0200 |
commit | b6c6e355a362b012ded7b349da93ccb40e5c90f4 (patch) | |
tree | 14b826a04aefd2d90f8a21d60041a2c679839bd7 /login | |
parent | 6cdb6d52787588eec4faa058222dc8cd212f630d (diff) | |
Updated 13 files, added 248 files and deleted 141 files (automated)
Diffstat (limited to 'login')
-rw-r--r-- | login/index.php | 17 | ||||
-rw-r--r-- | login/oauth/index.php | 83 |
2 files changed, 0 insertions, 100 deletions
diff --git a/login/index.php b/login/index.php index 2476354..4a733a6 100644 --- a/login/index.php +++ b/login/index.php @@ -92,15 +92,6 @@ if (!isset($_GET["method"])) { $_GET["method"] = "email"; } -if ($step === 0 && $_GET["method"] === "hub") { - setcookie("DeltaReturnPage", $_GET["return"], 0, "/"); - header("Location: https://account.equestria.dev/hub/api/rest/oauth2/auth?client_id=" . $app["oauth2_id"] . "&response_type=code&redirect_uri=https://" . ($_SERVER["HTTP_HOST"] === "192.168.1.121:81" ? "delta-staging" : "delta") . ".equestria.dev/login/oauth&scope=Hub&request_credentials=default&access_type=offline"); - die(); -} else if ($step === 0 && $_GET["method"] === "apply") { - header("Location: /register"); - die(); -} - $title = "lang_login_title"; require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/header.php"; ?> 
@@ -129,14 +120,6 @@ $title = "lang_login_title"; require_once $_SERVER['DOCUMENT_ROOT'] . "/includes <button class="btn btn-primary g-recaptcha" data-sitekey="<?= trim(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/recaptcha-site")) ?>" data-callback='onSubmit' data-action='submit'><?= l("lang_login_continue") ?></button> </form> - - <hr> - <div style="margin-top: 20px;"> - <form method="post" action="/login/?method=hub&return=<?= rawurlencode($_GET["return"]) ?>" id="oauth-form"> - <button class="btn btn-outline-secondary g-recaptcha" data-sitekey="<?= trim(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/recaptcha-site")) ?>" data-callback='onSubmit2' data-action='submit'><span style="vertical-align: middle; margin-right: 2px;"><?= l("lang_login_eqd") ?></span><img style="height: 36px;" alt="Equestria.dev" src="/equestriadev.svg"></button> - </form> - <a style="display: block; margin-top: 5px;" href="/login/?method=apply&return=<?= rawurlencode($_GET["return"]) ?>"><?= l("lang_login_auth_apply") ?></a> - </div> <?php elseif ($step === 1): ?> <img src="/icons/code.svg?o" style="width: 48px; margin-bottom: 10px;"> <p><b><?= l("lang_login_code3") ?></b></p> diff --git a/login/oauth/index.php b/login/oauth/index.php deleted file mode 100644 index feae098..0000000 --- a/login/oauth/index.php +++ /dev/null 
@@ -1,83 +0,0 @@
-<?php
-
-$server = "account.equestria.dev";
-
-header("Content-Type: text/plain");
-
-if (!isset($_GET['code'])) {
- die();
-}
-
-function encode($string) {
- return preg_replace("/[^a-zA-Z0-9.]/m", "", base64_encode($string));
-}
-
-$appdata = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/email.json"), true);
-$users = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/data/users.json"), true);
-
-$crl = curl_init('https://' . $server . '/hub/api/rest/oauth2/token');
-curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
-curl_setopt($crl, CURLINFO_HEADER_OUT, true);
-curl_setopt($crl, CURLOPT_POST, true);
-curl_setopt($crl, CURLOPT_HTTPHEADER, [
- "Authorization: Basic " . base64_encode($appdata["oauth2_id"] . ":" . $appdata["oauth2_secret"]),
- "Content-Type: application/x-www-form-urlencoded",
- "Accept: application/json"
-]);
-curl_setopt($crl, CURLOPT_POSTFIELDS, "grant_type=authorization_code&redirect_uri=" . urlencode("https://" . ($_SERVER["HTTP_HOST"] === "192.168.1.121:81" ? "delta-staging" : "delta") . ".equestria.dev/login/oauth") . "&code=" . $_GET['code']);
-
-$result = curl_exec($crl);
-$result = json_decode($result, true);
-
-curl_close($crl);
-
-if (isset($result["access_token"])) {
- $crl = curl_init('https://' . $server . '/hub/api/rest/users/me');
- curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
- curl_setopt($crl, CURLINFO_HEADER_OUT, true);
- curl_setopt($crl, CURLOPT_HTTPHEADER, [
- "Authorization: Bearer " . $result["access_token"],
- "Accept: application/json"
- ]);
-
- $result = curl_exec($crl);
- $result = json_decode($result, true);
- $result["email"] = isset($result["profile"]["email"]) && $result["profile"]["email"]["verified"] ? $result["profile"]["email"]["email"] : "-";
-
- if (!in_array($result["email"], array_keys($users))) {
- header("Location: /login/?return=" . rawurlencode($_COOKIE["DeltaReturnPage"] ?? "/") . "&failed_oauth2_notfound&v=" . rawurlencode($result["email"]));
- die();
- }
-
- if (!file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens")) mkdir($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens");
-
- if ($_SERVER["HTTP_HOST"] === "192.168.1.121:81") {
- $cont = false;
- if (json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/data/profiles/" . $users[$result["email"]] . ".json"), true)["admin"]) {
- $cont = true;
- }
-
- if (!$cont) {
- header("Location: https://delta.equestria.dev");
- die();
- }
- }
-
- $token = encode(openssl_random_pseudo_bytes(128));
-
- file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token, json_encode([
- "user" => $users[$result["email"]],
- "date" => date('c')
- ]));
-
- setcookie("DeltaSession", $token, time() + (86400 * 90), "/", "", false, true);
-
- if (isset($_COOKIE["DeltaReturnPage"])) {
- header("Location: " . str_replace("\n", "", str_replace("\r", "", $_COOKIE["DeltaReturnPage"])));
- } else {
- header("Location: /");
- }
-
- setcookie("DeltaReturnPage", "");
- die();
-}
\ No newline at end of file |