API auth
This commit is contained in:
Marcel Kapfer (mmk2410)
parent
39da838ebd
commit
e0dc2622c2
|
|
@ -16,22 +16,21 @@ if ($username == "") {
|
|||
}
|
||||
|
||||
echo 'Password: ';
|
||||
$password = exec('read -s PW; echo $PW');
|
||||
$password = readline("Password: ");
|
||||
|
||||
if ($password == "") {
|
||||
echo "No password given. Aborting...\n";
|
||||
exit();
|
||||
}
|
||||
|
||||
$hash = password_hash($password, PASSWORD_BCRYPT);
|
||||
|
||||
$username = '$username = "' . $username . '";';
|
||||
$hash = '$hash = "' . $hash . '";';
|
||||
$password = '$password = "' . $password . '";';
|
||||
|
||||
$file = '<?php' . "\n" . $username . "\n" . $hash . "\n";
|
||||
$file = '<?php' . "\n" . $username . "\n" . $password . "\n";
|
||||
|
||||
if (file_put_contents('./rcc/password.php', $file)) {
|
||||
echo "\nPassword hash successfully saved.\n";
|
||||
chmod('./rcc/password.php', 0640);
|
||||
echo "\nPassword successfully saved.\n";
|
||||
}
|
||||
|
||||
$config = new Config('config.yaml', 'vendor/autoload.php');
|
||||
|
|
|
|||
|
|
@ -1,3 +1,3 @@
|
|||
rcc: # settings concerning the rangitaki control center
|
||||
rcc: on # enable rangitaki control center (enable: 'on')
|
||||
api: on # enable rangitaki api (enable: 'on')
|
||||
rcc:
|
||||
rcc: 'off'
|
||||
api: 'on'
|
||||
|
|
|
|||
|
|
@ -5,12 +5,13 @@
|
|||
|
||||
require 'DigestAuth.php';
|
||||
|
||||
require '../../password.php';
|
||||
|
||||
use \mmk2410\rbe\digestAuth\DigestAuth as DigestAuth;
|
||||
|
||||
$realm = 'Restricted area';
|
||||
|
||||
//user => password
|
||||
$users = array('admin' => 'mypass', 'guest' => 'guest');
|
||||
$users = array($username => $password);
|
||||
|
||||
if (empty($_SERVER['PHP_AUTH_DIGEST'])) {
|
||||
header('HTTP/1.1 401 Unauthorized');
|
||||
|
|
@ -24,6 +25,7 @@ if (empty($_SERVER['PHP_AUTH_DIGEST'])) {
|
|||
// analyze the PHP_AUTH_DIGEST variable
|
||||
if (!($data = DigestAuth::httpDigestParse($_SERVER['PHP_AUTH_DIGEST'])) ||
|
||||
!isset($users[$data['username']])) {
|
||||
var_dump($_SERVER["PHP_AUTH_DIGEST"]);
|
||||
die('Wrong Credentials!');
|
||||
}
|
||||
|
||||
|
|
@ -34,5 +36,6 @@ $A2 = md5($_SERVER['REQUEST_METHOD'].':'.$data['uri']);
|
|||
$valid_response = md5($A1.':'.$data['nonce'].':'.$data['nc'].':'.$data['cnonce'].':'.$data['qop'].':'.$A2);
|
||||
|
||||
if ($data['response'] != $valid_response) {
|
||||
var_dump($_SERVER["PHP_AUTH_PW"]);
|
||||
die('Wrong Credentials!');
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,3 +1,3 @@
|
|||
<?php
|
||||
// Set here your RCC password
|
||||
$password = "setyourpassword";
|
||||
$username = "example";
|
||||
$password = "example";
|
||||
|
|
|
|||
Reference in New Issue