frodovdr/raspap-webgui
1
0
Fork 0
mirror of https://github.com/billz/raspap-webgui.git synced 2025-03-01 10:31:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

Apply patch from RaspAP/raspap-insiders#209

Browse Source
This commit is contained in:
billz
2023-09-13 21:26:19 +02:00
parent 7831afa29a
commit 1e5ac9b3fc
9 changed files with 184 additions and 53 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
includes/authenticate.php
View File

@@ -1,22 +1,16 @@
<?php
$user = $_SERVER['PHP_AUTH_USER'] ?? "";
$pass = $_SERVER['PHP_AUTH_PW'] ?? "";
require_once RASPI_CONFIG.'/raspap.php';
$config = getConfig();
if (RASPI_AUTH_ENABLED) {
$validated = ($user == $config['admin_user']) && password_verify($pass, $config['admin_pass']);
if (!$validated) {
header('WWW-Authenticate: Basic realm="RaspAP"');
if (function_exists('http_response_code')) {
// http_response_code will respond with proper HTTP version back.
http_response_code(401);
$user = $_SERVER['PHP_AUTH_USER'] ?? '';
$pass = $_SERVER['PHP_AUTH_PW'] ?? '';
$auth = new \RaspAP\Authenticate\HTTPAuth;
if (!$auth->isLogged()) {
if ($auth->login($user, $pass)) {
$config = $auth->getAuthConfig();
} else {
header('HTTP/1.0 401 Unauthorized');
$auth->authenticate();
}
exit('Not authorized'.PHP_EOL);
}
} else {
$validated = true;
}