<?php

require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/functions.inc";
require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/session.inc"; global $isLoggedIn; global $isLowerLoggedIn; global $_PROFILE;

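// Endpoint body: mints a fresh token for the currently logged-in profile,
// stores a session record and a profile record under that token, and prints
// the token as the plain-text response.
header("Content-Type: text/plain");

// Only a full login may mint a new token; anonymous and "lower" sessions are
// redirected to the login page.
if (!$isLoggedIn || $isLowerLoggedIn) {
    header("Location: /-/login");
    die();
}

$newToken = generateToken();

if (isset($_COOKIE['PEH2_SESSION_TOKEN'])) {
    $currentToken = $_COOKIE['PEH2_SESSION_TOKEN'];

    // The cookie is client-controlled and is appended to a directory path
    // below. Accept it only as a single plain file name so it can never name
    // a file outside the token directories (no separators, no "." / "..",
    // no NUL byte, and not the array form a cookie can also take).
    $isPlainComponent = is_string($currentToken)
        && $currentToken !== ''
        && $currentToken !== '.'
        && $currentToken !== '..'
        && strpos($currentToken, '/') === false
        && strpos($currentToken, '\\') === false
        && strpos($currentToken, "\0") === false;

    if (!$isPlainComponent) {
        http_response_code(400);
        die();
    }

    $includesDir = $_SERVER['DOCUMENT_ROOT'] . "/includes/";
    $sourceDir = null;
    $profileDir = null;

    if ($isLoggedIn) {
        // NOTE(review): this reads the previous record from tokens/ while the
        // lower branch reads it from sessions/ - confirm which is intended.
        $sourceDir = "tokens/";
        $profileDir = "tokens/";
    } else if ($isLowerLoggedIn) {
        // NOTE(review): unreachable as written - the guard above has already
        // exited whenever $isLowerLoggedIn is set. Kept so the intent stays
        // visible if that guard changes.
        $sourceDir = "sessions/";
        $profileDir = "lowertokens/";
    }

    if ($sourceDir !== null) {
        $sourcePath = $includesDir . $sourceDir . $currentToken;

        // A missing or unreadable record starts from an empty array instead
        // of raising a warning that could end up in the text/plain response.
        $stored = is_file($sourcePath) ? file_get_contents($sourcePath) : false;
        $old = $stored === false ? null : json_decode($stored, true);
        if (!is_array($old)) {
            $old = [];
        }

        // "name" is a free-form label supplied by the client. A non-string
        // value (e.g. ?name[]=x) is treated as absent rather than passed to
        // base64_decode(). The stored value is untrusted and must be escaped
        // wherever it is later displayed.
        $rawName = $_GET["name"] ?? null;
        if (!is_string($rawName)) {
            $rawName = null;
        }

        if (!isset($_GET["plain"])) {
            // The default "LQo=" decodes to "-" followed by a newline.
            $old["name"] = base64_decode($rawName ?? "LQo=");
        } else {
            $old["name"] = $rawName ?? "-";
        }

        $old["created"] = time();
        $old["addresses"] = [];
        $old["last"] = time();
        $old["profile"] = $_PROFILE;

        // json_encode() returns false on data it cannot represent (for
        // example a name that is not valid UTF-8). Writing that result would
        // leave an empty record behind for a token that is still returned,
        // so stop before anything is written.
        $sessionJson = json_encode($old);
        $profileJson = json_encode($_PROFILE);
        if ($sessionJson === false || $profileJson === false) {
            http_response_code(400);
            die();
        }

        // NOTE(review): the record for the previous token is left in place
        // here; confirm that it is expired or revoked elsewhere if this
        // endpoint is meant to rotate the session rather than add one.
        file_put_contents($includesDir . "sessions/" . $newToken, $sessionJson);
        file_put_contents($includesDir . $profileDir . $newToken, $profileJson);
    }
}

die($newToken);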