mmk2410/rangitaki
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

API auth

Browse source
This commit is contained in:
Marcel Kapfer (mmk2410) 2016-04-22 18:18:21 +02:00
parent 39da838ebd
commit e0dc2622c2
4 changed files with 15 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

7
rcc/api/auth/auth.php
View file

@ -5,12 +5,13 @@
require 'DigestAuth.php';
require '../../password.php';
use \mmk2410\rbe\digestAuth\DigestAuth as DigestAuth;
$realm = 'Restricted area';
//user => password
$users = array('admin' => 'mypass', 'guest' => 'guest');
$users = array($username => $password);
if (empty($_SERVER['PHP_AUTH_DIGEST'])) {
header('HTTP/1.1 401 Unauthorized');
@ -24,6 +25,7 @@ if (empty($_SERVER['PHP_AUTH_DIGEST'])) {
// analyze the PHP_AUTH_DIGEST variable
if (!($data = DigestAuth::httpDigestParse($_SERVER['PHP_AUTH_DIGEST'])) ||
!isset($users[$data['username']])) {
var_dump($_SERVER["PHP_AUTH_DIGEST"]);
die('Wrong Credentials!');
}
@ -34,5 +36,6 @@ $A2 = md5($_SERVER['REQUEST_METHOD'].':'.$data['uri']);
$valid_response = md5($A1.':'.$data['nonce'].':'.$data['nc'].':'.$data['cnonce'].':'.$data['qop'].':'.$A2);
if ($data['response'] != $valid_response) {
var_dump($_SERVER["PHP_AUTH_PW"]);
die('Wrong Credentials!');
}