forked from evolix/evoadmin-web
Remove PAM bullshit auth for a simple/stupid sha256 static auth
This commit is contained in:
parent
a5fe856592
commit
6f3a6ccadd
19
inc/auth.php
19
inc/auth.php
|
@ -13,28 +13,19 @@
|
||||||
* @version 1.0
|
* @version 1.0
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
// sha256 hashs (TODO: move in conf file)
|
||||||
|
$logins=array();
|
||||||
|
$logins['foo'] = 'd5d3c723fb82cb0078f399888af78204234535ec2ef3da56710fdd51f90d2477';
|
||||||
|
$logins['bar'] = '7938c84d6e43d1659612a7ea7c1101ed02e52751bb64597a8c20ebaba8ba4303';
|
||||||
|
|
||||||
if ((empty($_GET['form']) || $_GET['form']!=1) && !empty($_POST)) {
|
if ((empty($_GET['form']) || $_GET['form']!=1) && !empty($_POST)) {
|
||||||
$login=0;
|
|
||||||
$username=$_POST['login'];
|
$username=$_POST['login'];
|
||||||
$password=$_POST['passw'];
|
$password=$_POST['passw'];
|
||||||
|
|
||||||
|
if (hash("sha256",$password) == $logins[$username]) {
|
||||||
$login = pam_auth($username, $password);
|
|
||||||
|
|
||||||
if ($login==1) {
|
|
||||||
$_SESSION['auth']=1;
|
$_SESSION['auth']=1;
|
||||||
$_SESSION['user']=$username;
|
$_SESSION['user']=$username;
|
||||||
$_SESSION['error']='';
|
$_SESSION['error']='';
|
||||||
|
|
||||||
$user = posix_getpwnam($username);
|
|
||||||
// On nettoie le nom complet
|
|
||||||
$gecos = explode(',',$user['gecos']);
|
|
||||||
$user['gecos'] = $gecos[0];
|
|
||||||
$_SESSION['user_id'] = $user['uid'];
|
|
||||||
$_SESSION['user_gid'] = $user['gid'];
|
|
||||||
$_SESSION['user_name'] = $user['gecos'];
|
|
||||||
} else {
|
} else {
|
||||||
$_SESSION['auth']=0;
|
$_SESSION['auth']=0;
|
||||||
$_SESSION['user']='';
|
$_SESSION['user']='';
|
||||||
|
|
Loading…
Reference in a new issue