raspap-webgui/includes/authenticate.php

<?php
$user = $_SERVER['PHP_AUTH_USER'] ?? "";
$pass = $_SERVER['PHP_AUTH_PW'] ?? "";

require_once RASPI_CONFIG.'/raspap.php';
$config = getConfig();

if (RASPI_AUTH_ENABLED) {
    $validated = ($user == $config['admin_user']) && password_verify($pass, $config['admin_pass']);
    if (!$validated) {
        header('WWW-Authenticate: Basic realm="RaspAP"');
        if (function_exists('http_response_code')) {
            // http_response_code will respond with proper HTTP version back.
            http_response_code(401);
        } else {
            header('HTTP/1.0 401 Unauthorized');
        }
        exit('Not authorized'.PHP_EOL);
    }
} else {
    $validated = true;
}
Add simple authentication 2016-05-29 17:38:43 +02:00			`<?php`
Transfer template logic to includes, see #749 thx @mp035 2021-02-02 13:26:14 +01:00			`$user = $_SERVER['PHP_AUTH_USER'] ?? "";`
			`$pass = $_SERVER['PHP_AUTH_PW'] ?? "";`

			`require_once RASPI_CONFIG.'/raspap.php';`
			`$config = getConfig();`
Add simple authentication 2016-05-29 17:38:43 +02:00
Add RASPI_AUTH_ENABLED flag to config #280 2022-12-12 12:44:20 +01:00			`if (RASPI_AUTH_ENABLED) {`
			`$validated = ($user == $config['admin_user']) && password_verify($pass, $config['admin_pass']);`
			`if (!$validated) {`
			`header('WWW-Authenticate: Basic realm="RaspAP"');`
			`if (function_exists('http_response_code')) {`
			`// http_response_code will respond with proper HTTP version back.`
			`http_response_code(401);`
			`} else {`
			`header('HTTP/1.0 401 Unauthorized');`
			`}`
			`exit('Not authorized'.PHP_EOL);`
Processed with phpcs for PSR-2 coding standard 2019-04-10 10:37:35 +02:00			`}`
Add RASPI_AUTH_ENABLED flag to config #280 2022-12-12 12:44:20 +01:00			`} else {`
			`$validated = true;`
Add simple authentication 2016-05-29 17:38:43 +02:00			`}`