Integrated auth by default
This commit is contained in:
@@ -1,18 +1,50 @@
|
||||
<?php
|
||||
require 'vendor/autoload.php';
|
||||
use Jumbojett\OpenIDConnectClient;
|
||||
session_start();
|
||||
// Configura il client Keycloak
|
||||
$oidc = new OpenIDConnectClient(
|
||||
'https://<KEYCLOAK_URL>/realms/<REALM>/',
|
||||
'<CLIENT_ID>',
|
||||
'<CLIENT_SECRET>'
|
||||
);
|
||||
// Redirect post-login
|
||||
$oidc->setRedirectURL('https://<APP_DOMAIN>/admin/login.php');
|
||||
include("../db.php");
|
||||
|
||||
$oidc->authenticate();
|
||||
$userinfo = $oidc->getVerifiedClaims();
|
||||
$_SESSION['admin'] = $userinfo->preferred_username;
|
||||
header("Location: index.php");
|
||||
exit;
|
||||
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||
$username = $_POST['username'];
|
||||
$password = $_POST['password'];
|
||||
$stmt = $conn->prepare("SELECT * FROM admin WHERE username = ?");
|
||||
$stmt->bind_param("s", $username);
|
||||
$stmt->execute();
|
||||
$res = $stmt->get_result();
|
||||
if ($row = $res->fetch_assoc()) {
|
||||
if (password_verify($password, $row['password'])) {
|
||||
$_SESSION['admin'] = $row['username'];
|
||||
header("Location: index.php");
|
||||
exit;
|
||||
}
|
||||
}
|
||||
$error = "Credenziali non valide";
|
||||
}
|
||||
?>
|
||||
<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
<title>Login Admin</title>
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||
<link rel="stylesheet" href="style.css">
|
||||
</head>
|
||||
<body>
|
||||
|
||||
<div class="navbar">
|
||||
<div class="logo">Admin Dashboard</div>
|
||||
<div class="links">
|
||||
<a href="/">Torna al sito</a>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<!-- Container login -->
|
||||
<div class="login-container">
|
||||
<h1>Login Admin</h1>
|
||||
<?php if(isset($error)) echo "<div class='error'>$error</div>"; ?>
|
||||
<form method="post">
|
||||
<input type="text" name="username" placeholder="Username" required><br>
|
||||
<input type="password" name="password" placeholder="Password" required><br>
|
||||
<button type="submit">Login</button>
|
||||
</form>
|
||||
</div>
|
||||
<p style="text-align: center;">Copyright (C) 2025 EmmeV. - Released under <a href="https://git.vichingo455.freeddns.org/emmev-code/orario/src/branch/stable/LICENSE.txt" target="_blank">GNU AGPL 3.0 License</a>.</p>
|
||||
</body>
|
||||
</html>
|
||||
|
||||
@@ -1,50 +1,18 @@
|
||||
<?php
|
||||
require 'vendor/autoload.php';
|
||||
use Jumbojett\OpenIDConnectClient;
|
||||
session_start();
|
||||
include("../db.php");
|
||||
// Configura il client Keycloak
|
||||
$oidc = new OpenIDConnectClient(
|
||||
'https://<KEYCLOAK_URL>/realms/<REALM>/',
|
||||
'<CLIENT_ID>',
|
||||
'<CLIENT_SECRET>'
|
||||
);
|
||||
// Redirect post-login
|
||||
$oidc->setRedirectURL('https://<APP_DOMAIN>/admin/login.php');
|
||||
|
||||
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||
$username = $_POST['username'];
|
||||
$password = $_POST['password'];
|
||||
$stmt = $conn->prepare("SELECT * FROM admin WHERE username = ?");
|
||||
$stmt->bind_param("s", $username);
|
||||
$stmt->execute();
|
||||
$res = $stmt->get_result();
|
||||
if ($row = $res->fetch_assoc()) {
|
||||
if (password_verify($password, $row['password'])) {
|
||||
$_SESSION['admin'] = $row['username'];
|
||||
header("Location: index.php");
|
||||
exit;
|
||||
}
|
||||
}
|
||||
$error = "Credenziali non valide";
|
||||
}
|
||||
?>
|
||||
<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
<title>Login Admin</title>
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||
<link rel="stylesheet" href="style.css">
|
||||
</head>
|
||||
<body>
|
||||
|
||||
<div class="navbar">
|
||||
<div class="logo">Admin Dashboard</div>
|
||||
<div class="links">
|
||||
<a href="/">Torna al sito</a>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<!-- Container login -->
|
||||
<div class="login-container">
|
||||
<h1>Login Admin</h1>
|
||||
<?php if(isset($error)) echo "<div class='error'>$error</div>"; ?>
|
||||
<form method="post">
|
||||
<input type="text" name="username" placeholder="Username" required><br>
|
||||
<input type="password" name="password" placeholder="Password" required><br>
|
||||
<button type="submit">Login</button>
|
||||
</form>
|
||||
</div>
|
||||
<p style="text-align: center;">Copyright (C) 2025 EmmeV. - Released under <a href="https://git.vichingo455.freeddns.org/emmev-code/orario/src/branch/stable/LICENSE.txt" target="_blank">GNU AGPL 3.0 License</a>.</p>
|
||||
</body>
|
||||
</html>
|
||||
$oidc->authenticate();
|
||||
$userinfo = $oidc->getVerifiedClaims();
|
||||
$_SESSION['admin'] = $userinfo->preferred_username;
|
||||
header("Location: index.php");
|
||||
exit;
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
<?php
|
||||
session_start();
|
||||
session_destroy();
|
||||
header('Location: https://<KEYCLOAK_URL>/realms/<REALM>/protocol/openid-connect/logout?post_logout_redirect_uri=https://<APP_DOMAIN>&client_id=<CLIENT_ID>');
|
||||
exit;
|
||||
header("Location: /index.php");
|
||||
?>
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
<?php
|
||||
session_start();
|
||||
session_destroy();
|
||||
header("Location: /index.php");
|
||||
?>
|
||||
header('Location: https://<KEYCLOAK_URL>/realms/<REALM>/protocol/openid-connect/logout?post_logout_redirect_uri=https://<APP_DOMAIN>&client_id=<CLIENT_ID>');
|
||||
exit;
|
||||
|
||||
Reference in New Issue
Block a user