Integrated auth by default
This commit is contained in:
@@ -60,8 +60,8 @@ $host = "localhost";
|
|||||||
$user = "utente";
|
$user = "utente";
|
||||||
$pass = "password123";
|
$pass = "password123";
|
||||||
```
|
```
|
||||||
7. **Modifica ``admin/login.php`` e ``admin/logout.php`` con i dati di un'istanza keycloak. In caso tu voglia usare l'autenticazione via nome utente e password (e non keycloak), cancella quei due file e rinomina ``admin/login.php.backup`` in ``login.php`` e ``admin/logout.php.backup`` in ``logout.php``**
|
7. **(Opzionale) Modifica ``admin/login.php.keycloak`` e ``admin/logout.php.keycloak`` con i dati di un'istanza keycloak, in caso tu voglia usare Keycloak e non l'autenticazione integrata. Cancella poi i file ``login.php`` e ``logout.php`` e rinomina ``admin/login.php.keycloak`` in ``login.php`` e ``admin/logout.php.keycloak`` in ``logout.php``**
|
||||||
- Esempio (``login.php`` con keycloak):
|
- Esempio (``login.php.keycloak``):
|
||||||
```php
|
```php
|
||||||
$oidc = new OpenIDConnectClient(
|
$oidc = new OpenIDConnectClient(
|
||||||
'https://keycloak.local/realms/master/',
|
'https://keycloak.local/realms/master/',
|
||||||
@@ -70,7 +70,7 @@ $oidc = new OpenIDConnectClient(
|
|||||||
);
|
);
|
||||||
$oidc->setRedirectURL('https://orario.local/admin/login.php'); // orario.local è il dominio base di questa piattaforma
|
$oidc->setRedirectURL('https://orario.local/admin/login.php'); // orario.local è il dominio base di questa piattaforma
|
||||||
```
|
```
|
||||||
- Esempio (``logout.php`` con keycloak):
|
- Esempio (``logout.php.keycloak``):
|
||||||
```php
|
```php
|
||||||
header('Location: https://keycloak.local/realms/master/protocol/openid-connect/logout?post_logout_redirect_uri=https://orario.local&client_id=orario');
|
header('Location: https://keycloak.local/realms/master/protocol/openid-connect/logout?post_logout_redirect_uri=https://orario.local&client_id=orario');
|
||||||
```
|
```
|
||||||
|
|||||||
@@ -1,18 +1,50 @@
|
|||||||
<?php
|
<?php
|
||||||
require 'vendor/autoload.php';
|
|
||||||
use Jumbojett\OpenIDConnectClient;
|
|
||||||
session_start();
|
session_start();
|
||||||
// Configura il client Keycloak
|
include("../db.php");
|
||||||
$oidc = new OpenIDConnectClient(
|
|
||||||
'https://<KEYCLOAK_URL>/realms/<REALM>/',
|
|
||||||
'<CLIENT_ID>',
|
|
||||||
'<CLIENT_SECRET>'
|
|
||||||
);
|
|
||||||
// Redirect post-login
|
|
||||||
$oidc->setRedirectURL('https://<APP_DOMAIN>/admin/login.php');
|
|
||||||
|
|
||||||
$oidc->authenticate();
|
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||||
$userinfo = $oidc->getVerifiedClaims();
|
$username = $_POST['username'];
|
||||||
$_SESSION['admin'] = $userinfo->preferred_username;
|
$password = $_POST['password'];
|
||||||
|
$stmt = $conn->prepare("SELECT * FROM admin WHERE username = ?");
|
||||||
|
$stmt->bind_param("s", $username);
|
||||||
|
$stmt->execute();
|
||||||
|
$res = $stmt->get_result();
|
||||||
|
if ($row = $res->fetch_assoc()) {
|
||||||
|
if (password_verify($password, $row['password'])) {
|
||||||
|
$_SESSION['admin'] = $row['username'];
|
||||||
header("Location: index.php");
|
header("Location: index.php");
|
||||||
exit;
|
exit;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
$error = "Credenziali non valide";
|
||||||
|
}
|
||||||
|
?>
|
||||||
|
<!DOCTYPE html>
|
||||||
|
<html>
|
||||||
|
<head>
|
||||||
|
<title>Login Admin</title>
|
||||||
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||||
|
<link rel="stylesheet" href="style.css">
|
||||||
|
</head>
|
||||||
|
<body>
|
||||||
|
|
||||||
|
<div class="navbar">
|
||||||
|
<div class="logo">Admin Dashboard</div>
|
||||||
|
<div class="links">
|
||||||
|
<a href="/">Torna al sito</a>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<!-- Container login -->
|
||||||
|
<div class="login-container">
|
||||||
|
<h1>Login Admin</h1>
|
||||||
|
<?php if(isset($error)) echo "<div class='error'>$error</div>"; ?>
|
||||||
|
<form method="post">
|
||||||
|
<input type="text" name="username" placeholder="Username" required><br>
|
||||||
|
<input type="password" name="password" placeholder="Password" required><br>
|
||||||
|
<button type="submit">Login</button>
|
||||||
|
</form>
|
||||||
|
</div>
|
||||||
|
<p style="text-align: center;">Copyright (C) 2025 EmmeV. - Released under <a href="https://git.vichingo455.freeddns.org/emmev-code/orario/src/branch/stable/LICENSE.txt" target="_blank">GNU AGPL 3.0 License</a>.</p>
|
||||||
|
</body>
|
||||||
|
</html>
|
||||||
|
|||||||
@@ -1,50 +1,18 @@
|
|||||||
<?php
|
<?php
|
||||||
|
require 'vendor/autoload.php';
|
||||||
|
use Jumbojett\OpenIDConnectClient;
|
||||||
session_start();
|
session_start();
|
||||||
include("../db.php");
|
// Configura il client Keycloak
|
||||||
|
$oidc = new OpenIDConnectClient(
|
||||||
|
'https://<KEYCLOAK_URL>/realms/<REALM>/',
|
||||||
|
'<CLIENT_ID>',
|
||||||
|
'<CLIENT_SECRET>'
|
||||||
|
);
|
||||||
|
// Redirect post-login
|
||||||
|
$oidc->setRedirectURL('https://<APP_DOMAIN>/admin/login.php');
|
||||||
|
|
||||||
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
$oidc->authenticate();
|
||||||
$username = $_POST['username'];
|
$userinfo = $oidc->getVerifiedClaims();
|
||||||
$password = $_POST['password'];
|
$_SESSION['admin'] = $userinfo->preferred_username;
|
||||||
$stmt = $conn->prepare("SELECT * FROM admin WHERE username = ?");
|
|
||||||
$stmt->bind_param("s", $username);
|
|
||||||
$stmt->execute();
|
|
||||||
$res = $stmt->get_result();
|
|
||||||
if ($row = $res->fetch_assoc()) {
|
|
||||||
if (password_verify($password, $row['password'])) {
|
|
||||||
$_SESSION['admin'] = $row['username'];
|
|
||||||
header("Location: index.php");
|
header("Location: index.php");
|
||||||
exit;
|
exit;
|
||||||
}
|
|
||||||
}
|
|
||||||
$error = "Credenziali non valide";
|
|
||||||
}
|
|
||||||
?>
|
|
||||||
<!DOCTYPE html>
|
|
||||||
<html>
|
|
||||||
<head>
|
|
||||||
<title>Login Admin</title>
|
|
||||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
||||||
<link rel="stylesheet" href="style.css">
|
|
||||||
</head>
|
|
||||||
<body>
|
|
||||||
|
|
||||||
<div class="navbar">
|
|
||||||
<div class="logo">Admin Dashboard</div>
|
|
||||||
<div class="links">
|
|
||||||
<a href="/">Torna al sito</a>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<!-- Container login -->
|
|
||||||
<div class="login-container">
|
|
||||||
<h1>Login Admin</h1>
|
|
||||||
<?php if(isset($error)) echo "<div class='error'>$error</div>"; ?>
|
|
||||||
<form method="post">
|
|
||||||
<input type="text" name="username" placeholder="Username" required><br>
|
|
||||||
<input type="password" name="password" placeholder="Password" required><br>
|
|
||||||
<button type="submit">Login</button>
|
|
||||||
</form>
|
|
||||||
</div>
|
|
||||||
<p style="text-align: center;">Copyright (C) 2025 EmmeV. - Released under <a href="https://git.vichingo455.freeddns.org/emmev-code/orario/src/branch/stable/LICENSE.txt" target="_blank">GNU AGPL 3.0 License</a>.</p>
|
|
||||||
</body>
|
|
||||||
</html>
|
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
<?php
|
<?php
|
||||||
session_start();
|
session_start();
|
||||||
session_destroy();
|
session_destroy();
|
||||||
header('Location: https://<KEYCLOAK_URL>/realms/<REALM>/protocol/openid-connect/logout?post_logout_redirect_uri=https://<APP_DOMAIN>&client_id=<CLIENT_ID>');
|
header("Location: /index.php");
|
||||||
exit;
|
?>
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
<?php
|
<?php
|
||||||
session_start();
|
session_start();
|
||||||
session_destroy();
|
session_destroy();
|
||||||
header("Location: /index.php");
|
header('Location: https://<KEYCLOAK_URL>/realms/<REALM>/protocol/openid-connect/logout?post_logout_redirect_uri=https://<APP_DOMAIN>&client_id=<CLIENT_ID>');
|
||||||
?>
|
exit;
|
||||||
|
|||||||
Reference in New Issue
Block a user