Change in the login mechanism
Logins now use salted password hashes, validated with PHP's password_verify() function. Password hashes can be generated with: * mkpasswd --method=sha-512 * PHP's password_hash()
parent
143af65357
commit
d746aa445e
|
@ -8,36 +8,35 @@
|
|||
* $Id: config.php 273 2009-05-12 13:54:50Z tmartin $
|
||||
* vim: expandtab softtabstop=4 tabstop=4 shiftwidth=4 showtabline=2
|
||||
*
|
||||
* @author Gregory Colpart <reg@evolix.fr>
|
||||
* @author Thomas Martin <tmartin@evolix.fr>
|
||||
* @author Sebastien Palma <spalma@evolix.fr>
|
||||
* @author Gregory Colpart <reg@evolix.fr>
|
||||
* @author Thomas Martin <tmartin@evolix.fr>
|
||||
* @author Sebastien Palma <spalma@evolix.fr>
|
||||
* @version 1.0
|
||||
*/
|
||||
|
||||
|
||||
// Email pour les notifications
|
||||
$oriconf['admin']['mail'] = 'admin@example.com';
|
||||
$oriconf['techmail'] = 'jdoe@example.com';
|
||||
$oriconf['debug'] = FALSE;
|
||||
$oriconf['debug'] = false;
|
||||
$oriconf['superadmin'] = array('superadmin');
|
||||
$oriconf['script_path'] = '/usr/share/scripts/evoadmin';
|
||||
$oriconf['cluster'] = FALSE;
|
||||
$oriconf['cluster'] = false;
|
||||
$oriconf['servers'] = array('servers');
|
||||
$oriconf['cache'] = '/home/evoadmin/www/cache.sqlite';
|
||||
$oriconf['known_host'] = '/home/evoadmin/www/known_host';
|
||||
$oriconf['ftpadmin'] = FALSE;
|
||||
$oriconf['bindadmin'] = FALSE;
|
||||
// Penser à rajouter également les versions de PHP disponibles dans /etc/evolinux/web-add.conf
|
||||
$oriconf['ftpadmin'] = false;
|
||||
$oriconf['bindadmin'] = false;
|
||||
// Warning: Don't forget to add available PHP versions into : /etc/evolinux/web-add.conf
|
||||
// $oriconf['php_versions'] = array();
|
||||
$oriconf['quota'] = FALSE;
|
||||
$oriconf['dbadmin'] = FALSE;
|
||||
$oriconf['quota'] = false;
|
||||
$oriconf['dbadmin'] = false;
|
||||
|
||||
$oriconf['noreplication'] = array('srv00.example.com', 'srv01.example.com', 'srv02.example.com');
|
||||
$oriconf['postponedreplication'] = array('srv00.example.com', 'srv01.example.com', 'srv02.example.com');
|
||||
$oriconf['immediatereplication'] = array('srv00.example.com', 'srv01.example.com');
|
||||
$oriconf['postponedreplication_mode'] = array('1 fois/jour', '3 fois/jour', '1 fois/jour');
|
||||
|
||||
// auth (sha256 hashs)
|
||||
// Generate password hashes : mkpasswd --method=sha-512 (cli) or with PHP's password_hash()
|
||||
$oriconf['logins'] = array();
|
||||
//$oriconf['logins']['foo'] = 'd5d3c723fb82cb0078f399888af78204234535ec2ef3da56710fdd51f90d2477';
|
||||
//$oriconf['logins']['bar'] = '7938c84d6e43d1659612a7ea7c1101ed02e52751bb64597a8c20ebaba8ba4303';
|
||||
//$oriconf['logins']['foo'] = '$6$X0jqa/ausLSBkj4m$dLMMcPGVxak.aDPo4V/GJLm2d8vU8/QA5LbGTuqXCdxSNYU0kRKBgDl16GAyp0GqXXZ5wwDEJKQ1npgFwiuV81';
|
||||
//$oriconf['logins']['bar'] = '$6$Q6233S6mlWAF6p.j$LtzwG02YucozwqjAgSpeldh24Mnz7lBuVSbOQYbKKh9FiUx3tMVl6kJZkmrNdPqeadFXKAYXrqn.gy8KposF5.';
|
||||
|
|
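Review bot: The new comment above `$oriconf['logins']` explains how to generate hashes but not that entries in the old unsalted sha256 hex format stop working: `password_verify()` expects a crypt-style hash, so, as far as the auth change on this page shows, an existing deployment would reject every login until its hashes are regenerated. I would add a line such as `// Old unsalted sha256 entries are no longer accepted; regenerate every hash before upgrading.` It is also worth steering operators to `password_hash()` first, since `mkpasswd --method=sha-512` keeps the default round count unless `--rounds` is passed. The two commented `$6$` entries look like samples; labelling them `// example only, do not uncomment` avoids someone enabling an account whose hash is published in the repository.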
60
inc/auth.php
60
inc/auth.php
|
@ -1,44 +1,44 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* Authentification page
|
||||
* Authentification controler
|
||||
*
|
||||
* Copyright (c) 2009 Evolix - Tous droits reserves
|
||||
* Copyright (c) 2009-2022 Evolix - Tous droits reserves
|
||||
*
|
||||
* vim: expandtab softtabstop=4 tabstop=4 shiftwidth=4 showtabline=2
|
||||
*
|
||||
* @author Gregory Colpart <reg@evolix.fr>
|
||||
* @author Thomas Martin <tmartin@evolix.fr>
|
||||
* @author Sebastien Palma <spalma@evolix.fr>
|
||||
* @author Evolix <info@evolix.fr>
|
||||
* @author Gregory Colpart <reg@evolix.fr>
|
||||
* @author Thomas Martin <tmartin@evolix.fr>
|
||||
* @author Sebastien Palma <spalma@evolix.fr>
|
||||
* @author and others.
|
||||
* @version 1.0
|
||||
*/
|
||||
|
||||
if ((empty($_GET['form']) || $_GET['form']!=1) && !empty($_POST)) {
|
||||
$username=$_POST['login'];
|
||||
$password=$_POST['passw'];
|
||||
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST)) {
|
||||
$input_username = $_POST['login'];
|
||||
$input_password = $_POST['passw'];
|
||||
|
||||
if (hash("sha256",$password) == $conf['logins'][$username]) {
|
||||
$_SESSION['auth']=1;
|
||||
$_SESSION['user']=$username;
|
||||
$_SESSION['user_id'] = posix_getpwnam($username) ? posix_getpwnam($username)['uid'] : 65534;
|
||||
$_SESSION['error']='';
|
||||
} else {
|
||||
$_SESSION['auth']=0;
|
||||
$_SESSION['user']='';
|
||||
$_SESSION['error']=1;
|
||||
}
|
||||
http_redirect('/');
|
||||
if (isset($conf['logins'][$input_username]) && password_verify($input_password, $conf['logins'][$input_username]) ) {
|
||||
$_SESSION['auth'] = true;
|
||||
$_SESSION['user'] = $input_username;
|
||||
$_SESSION['user_id'] = posix_getpwnam($input_username) ? posix_getpwnam($input_username)['uid'] : 65534;
|
||||
unset($_SESSION['error']);
|
||||
|
||||
} else {
|
||||
$_SESSION['auth'] = false;
|
||||
$_SESSION['user'] = '';
|
||||
$_SESSION['error'] = true;
|
||||
}
|
||||
|
||||
http_redirect('/');
|
||||
|
||||
} else {
|
||||
|
||||
if(!empty($_SESSION['error'])) {
|
||||
$error=$_SESSION['error'];
|
||||
}
|
||||
if (!empty($_SESSION['error'])) {
|
||||
$error = $_SESSION['error'];
|
||||
unset($_SESSION['error']);
|
||||
}
|
||||
|
||||
include_once EVOADMIN_BASE . '../tpl/header.tpl.php';
|
||||
include_once EVOADMIN_BASE . '../tpl/auth.tpl.php';
|
||||
include_once EVOADMIN_BASE . '../tpl/footer.tpl.php';
|
||||
include_once EVOADMIN_BASE . '../tpl/header.tpl.php';
|
||||
include_once EVOADMIN_BASE . '../tpl/auth.tpl.php';
|
||||
include_once EVOADMIN_BASE . '../tpl/footer.tpl.php';
|
||||
|
||||
}
|
||||
|
||||
?>
|
||||
|
|
|
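Review bot: The success branch sets `$_SESSION['auth'] = true` without rotating the session identifier, so an identifier fixed before login would stay valid afterwards unless rotation happens elsewhere (nothing in this file shows it); I would call `session_regenerate_id(true);` immediately before those assignments. The guard `isset($_POST)` is always true and `$_POST['login']` / `$_POST['passw']` are read unchecked, so a missing or array-valued field surfaces as a PHP notice or type error rather than a clean failed login; `$input_username = (isset($_POST['login']) && is_string($_POST['login'])) ? $_POST['login'] : '';` (and the same for `passw`) keeps the failure path uniform. Unknown usernames also skip `password_verify()` entirely, so they are answered faster than known ones; verifying against a fixed dummy hash in that case would even out the timing.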
@ -1,43 +1,46 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* Authentification form
|
||||
* Authentification page
|
||||
*
|
||||
* Copyright (c) 2009 Evolix - Tous droits reserves
|
||||
* Copyright (c) 2009-2022 Evolix - Tous droits reserves
|
||||
*
|
||||
* vim: expandtab softtabstop=4 tabstop=4 shiftwidth=4 showtabline=2
|
||||
*
|
||||
* @author Gregory Colpart <reg@evolix.fr>
|
||||
* @author Thomas Martin <tmartin@evolix.fr>
|
||||
* @author Sebastien Palma <spalma@evolix.fr>
|
||||
* @author Evolix <info@evolix.fr>
|
||||
* @author Gregory Colpart <reg@evolix.fr>
|
||||
* @author Thomas Martin <tmartin@evolix.fr>
|
||||
* @author Sebastien Palma <spalma@evolix.fr>
|
||||
* @author and others.
|
||||
* @version 1.0
|
||||
*/
|
||||
|
||||
?>
|
||||
|
||||
<br/><br/>
|
||||
<h2>Evoadmin : Connexion</h2>
|
||||
|
||||
<form method="POST">
|
||||
<table align="center">
|
||||
<tr>
|
||||
<td align="right">Utilisateur : </td>
|
||||
<td align="left"><input type="text" name="login" /></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td align="right">Mot de passe : </td>
|
||||
<td align="left"><input type="password" name="passw" /></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td> </td>
|
||||
<td align="left"><br/><input type="submit" value="Connexion" /></td>
|
||||
</tr>
|
||||
<?php
|
||||
if (!empty($error)) {
|
||||
?>
|
||||
<tr>
|
||||
<td colspan="2" class="auth-error">Identifiants invalides. Veuillez ré-essayer</td>
|
||||
</tr>
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
<tr>
|
||||
<td align="right">Utilisateur : </td>
|
||||
<td align="left"><input type="text" name="login" /></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td align="right">Mot de passe : </td>
|
||||
<td align="left"><input type="password" name="passw" /></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td> </td>
|
||||
<td align="left"><br/><input type="submit" value="Connexion" /></td>
|
||||
</tr>
|
||||
<?php
|
||||
if (!empty($error)) {
|
||||
?>
|
||||
<tr>
|
||||
<td colspan="2" class="auth-error">
|
||||
Identifiants invalides.
|
||||
Veuillez ré-essayer
|
||||
</td>
|
||||
</tr>
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
</table>
|
||||
</form>
|
||||
|
|