Integrated auth by default

README.md

@@ -60,8 +60,8 @@ $host = "localhost";
 $user = "utente";
 $pass = "password123";
 ```
-7. **Modifica ``admin/login.php`` e ``admin/logout.php`` con i dati di un'istanza keycloak. In caso tu voglia usare l'autenticazione via nome utente e password (e non keycloak), cancella quei due file e rinomina ``admin/login.php.backup`` in ``login.php`` e ``admin/logout.php.backup`` in ``logout.php``**
-- Esempio (``login.php`` con keycloak):
+7. **(Opzionale) Modifica ``admin/login.php.keycloak`` e ``admin/logout.php.keycloak`` con i dati di un'istanza keycloak, in caso tu voglia usare Keycloak e non l'autenticazione integrata. Cancella poi i file ``login.php`` e ``logout.php`` e rinomina ``admin/login.php.keycloak`` in ``login.php`` e ``admin/logout.php.keycloak`` in ``logout.php``**
+- Esempio (``login.php.keycloak``):
 ```php
 $oidc = new OpenIDConnectClient(
     'https://keycloak.local/realms/master/',
@@ -70,7 +70,7 @@ $oidc = new OpenIDConnectClient(
 );
 $oidc->setRedirectURL('https://orario.local/admin/login.php'); // orario.local è il dominio base di questa piattaforma
 ```
-- Esempio (``logout.php`` con keycloak):
+- Esempio (``logout.php.keycloak``):
 ```php
 header('Location: https://keycloak.local/realms/master/protocol/openid-connect/logout?post_logout_redirect_uri=https://orario.local&client_id=orario');
 ```

htdocs/admin/login.php

@@ -1,18 +1,50 @@
 <?php
-require 'vendor/autoload.php';
-use Jumbojett\OpenIDConnectClient;
 session_start();
-// Configura il client Keycloak
-$oidc = new OpenIDConnectClient(
-    'https://<KEYCLOAK_URL>/realms/<REALM>/',
-    '<CLIENT_ID>',
-    '<CLIENT_SECRET>'
-);
-// Redirect post-login
-$oidc->setRedirectURL('https://<APP_DOMAIN>/admin/login.php');
+include("../db.php");
 
-$oidc->authenticate();
-$userinfo = $oidc->getVerifiedClaims();
-$_SESSION['admin'] = $userinfo->preferred_username;
+if ($_SERVER["REQUEST_METHOD"] == "POST") {
+    $username = $_POST['username'];
+    $password = $_POST['password'];
+    $stmt = $conn->prepare("SELECT * FROM admin WHERE username = ?");
+    $stmt->bind_param("s", $username);
+    $stmt->execute();
+    $res = $stmt->get_result();
+    if ($row = $res->fetch_assoc()) {
+        if (password_verify($password, $row['password'])) {
+            $_SESSION['admin'] = $row['username'];
             header("Location: index.php");
             exit;
+        }
+    }
+    $error = "Credenziali non valide";
+}
+?>
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Login Admin</title>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <link rel="stylesheet" href="style.css">
+</head>
+<body>
+
+  <div class="navbar">
+    <div class="logo">Admin Dashboard</div>
+    <div class="links">
+      <a href="/">Torna al sito</a>
+    </div>
+  </div>
+
+  <!-- Container login -->
+  <div class="login-container">
+    <h1>Login Admin</h1>
+    <?php if(isset($error)) echo "<div class='error'>$error</div>"; ?>
+    <form method="post">
+      <input type="text" name="username" placeholder="Username" required><br>
+      <input type="password" name="password" placeholder="Password" required><br>
+      <button type="submit">Login</button>
+    </form>
+  </div>
+<p style="text-align: center;">Copyright (C) 2025 EmmeV. - Released under <a href="https://git.vichingo455.freeddns.org/emmev-code/orario/src/branch/stable/LICENSE.txt" target="_blank">GNU AGPL 3.0 License</a>.</p>
+</body>
+</html>

htdocs/admin/login.php.backup

@@ -1,50 +1,18 @@
 <?php
+require 'vendor/autoload.php';
+use Jumbojett\OpenIDConnectClient;
 session_start();
-include("../db.php");
+// Configura il client Keycloak
+$oidc = new OpenIDConnectClient(
+    'https://<KEYCLOAK_URL>/realms/<REALM>/',
+    '<CLIENT_ID>',
+    '<CLIENT_SECRET>'
+);
+// Redirect post-login
+$oidc->setRedirectURL('https://<APP_DOMAIN>/admin/login.php');
 
-if ($_SERVER["REQUEST_METHOD"] == "POST") {
-    $username = $_POST['username'];
-    $password = $_POST['password'];
-    $stmt = $conn->prepare("SELECT * FROM admin WHERE username = ?");
-    $stmt->bind_param("s", $username);
-    $stmt->execute();
-    $res = $stmt->get_result();
-    if ($row = $res->fetch_assoc()) {
-        if (password_verify($password, $row['password'])) {
-            $_SESSION['admin'] = $row['username'];
+$oidc->authenticate();
+$userinfo = $oidc->getVerifiedClaims();
+$_SESSION['admin'] = $userinfo->preferred_username;
 header("Location: index.php");
 exit;
-        }
-    }
-    $error = "Credenziali non valide";
-}
-?>
-<!DOCTYPE html>
-<html>
-<head>
-  <title>Login Admin</title>
-  <meta name="viewport" content="width=device-width, initial-scale=1.0">
-  <link rel="stylesheet" href="style.css">
-</head>
-<body>
-
-  <div class="navbar">
-    <div class="logo">Admin Dashboard</div>
-    <div class="links">
-      <a href="/">Torna al sito</a>
-    </div>
-  </div>
-
-  <!-- Container login -->
-  <div class="login-container">
-    <h1>Login Admin</h1>
-    <?php if(isset($error)) echo "<div class='error'>$error</div>"; ?>
-    <form method="post">
-      <input type="text" name="username" placeholder="Username" required><br>
-      <input type="password" name="password" placeholder="Password" required><br>
-      <button type="submit">Login</button>
-    </form>
-  </div>
-<p style="text-align: center;">Copyright (C) 2025 EmmeV. - Released under <a href="https://git.vichingo455.freeddns.org/emmev-code/orario/src/branch/stable/LICENSE.txt" target="_blank">GNU AGPL 3.0 License</a>.</p>
-</body>
-</html>

htdocs/admin/logout.php

@@ -1,5 +1,5 @@
 <?php
 session_start();
 session_destroy();
-header('Location: https://<KEYCLOAK_URL>/realms/<REALM>/protocol/openid-connect/logout?post_logout_redirect_uri=https://<APP_DOMAIN>&client_id=<CLIENT_ID>');
-exit;
+header("Location: /index.php");
+?>

htdocs/admin/logout.php.backup

@@ -1,5 +1,5 @@
 <?php
 session_start();
 session_destroy();
-header("Location: /index.php");
-?>
+header('Location: https://<KEYCLOAK_URL>/realms/<REALM>/protocol/openid-connect/logout?post_logout_redirect_uri=https://<APP_DOMAIN>&client_id=<CLIENT_ID>');
+exit;