API: Auth implementation
This commit is contained in:
Marcel Kapfer (mmk2410)
parent
01a6fb914f
commit
4e91eeb3ab
6 changed files with 147 additions and 2 deletions
38
rcc/api/auth/auth.php
Normal file
38
rcc/api/auth/auth.php
Normal file
|
|
@ -0,0 +1,38 @@
|
|||
<?php
|
||||
// Marcel Kapfer (mmk2410)
|
||||
// License: MIT License
|
||||
// api digest auth
|
||||
|
||||
require 'DigestAuth.php';
|
||||
|
||||
use \mmk2410\rbe\digestAuth\DigestAuth as DigestAuth;
|
||||
|
||||
$realm = 'Restricted area';
|
||||
|
||||
//user => password
|
||||
$users = array('admin' => 'mypass', 'guest' => 'guest');
|
||||
|
||||
if (empty($_SERVER['PHP_AUTH_DIGEST'])) {
|
||||
header('HTTP/1.1 401 Unauthorized');
|
||||
header('WWW-Authenticate: Digest realm="'.$realm.
|
||||
'",qop="auth",nonce="'.uniqid().'",opaque="'.md5($realm).'"');
|
||||
|
||||
die('Access to RCC API not granted');
|
||||
}
|
||||
|
||||
|
||||
// analyze the PHP_AUTH_DIGEST variable
|
||||
if (!($data = DigestAuth::httpDigestParse($_SERVER['PHP_AUTH_DIGEST'])) ||
|
||||
!isset($users[$data['username']])) {
|
||||
die('Wrong Credentials!');
|
||||
}
|
||||
|
||||
|
||||
// generate the valid response
|
||||
$A1 = md5($data['username'] . ':' . $realm . ':' . $users[$data['username']]);
|
||||
$A2 = md5($_SERVER['REQUEST_METHOD'].':'.$data['uri']);
|
||||
$valid_response = md5($A1.':'.$data['nonce'].':'.$data['nc'].':'.$data['cnonce'].':'.$data['qop'].':'.$A2);
|
||||
|
||||
if ($data['response'] != $valid_response) {
|
||||
die('Wrong Credentials!');
|
||||
}
|
||||
Reference in a new issue