Commit 279acefa authored by Imran Hussain's avatar Imran Hussain

Switch doorkey to use the SSO system

parent 375df381
<?php
//ini_set('display_errors', 1);
//ini_set('display_startup_errors', 1);
//error_reporting(E_ALL);
$bannedUsers = array("vote","signup","cacti","video");
function ip_in_range($ip, $range) {
......@@ -24,23 +28,32 @@ if (!ip_in_range($ipAddr, "137.44.10.128/25")){
//exit("nah mate");
}
if(isset($_REQUEST['username'])) {
$username = strtolower($_REQUEST['username']);
$ssoid = $_COOKIE["sucs_sso_id_v1"];
$sso_error = false;
$not_logged_in = true;
$curlsso = curl_init();
curl_setopt($curlsso, CURLOPT_URL, "https://sso.sucs.org/api/v1/?id=${ssoid}");
curl_setopt($curlsso,CURLOPT_RETURNTRANSFER,TRUE);
$sso_result = json_decode(curl_exec($curlsso));
curl_close($curlsso);
if (!$sso_result->apistate === "ok") {
$sso_error = true;
}
if(isset($_REQUEST['password'])) {
$password = $_REQUEST['password'];
if ($sso_result->sucs_username !== null) {
$not_logged_in = false;
$username = $sso_result->sucs_username;
}
if ( in_array($username,$bannedUsers) ) {
if ($not_logged_in === false && in_array($sso_result->sucs_username,$bannedUsers) ) {
$banned = true;
//die("u r b&");
}
include_once("../ldap-auth.php");
$isAuthd = ldapAuth($username, $password);
if ($isAuthd == "sucs" && !$outsider && !$banned) {
if ($_POST["unlock"] === "Unlock!" && !$outsider && !$banned) {
include_once("../doorkey.php");
//curl door
$curl = curl_init();
......@@ -77,9 +90,9 @@ if ($isAuthd == "sucs" && !$outsider && !$banned) {
<div class="h-100 container justify-content-center text-center">
<div class="h-100 row d-flex justify-content-center align-items-center">
<div class="col-8">
<div class="card mb-4">
<div class="card mb-4 mt-4">
<?php
if ($outsider) {
if ($outsider || $sso_error) {
print('
<div class="card-body">
<h4 class="card-title">❌</h4>
......@@ -93,7 +106,6 @@ if ($isAuthd == "sucs" && !$outsider && !$banned) {
<p>You are banned from the room.</p>
</div>
');
} elseif ($success) {
print('
<div class="card-body">
......@@ -101,16 +113,22 @@ if ($isAuthd == "sucs" && !$outsider && !$banned) {
<p>Door unlocked!</p>
</div>
');
} else {
} elseif ($not_logged_in) {
print('
<div class="card-body">
<h4 class="card-title">🔑</h4>
<p>Hi stranger click the button below to login</p>
<a href=https://sso.sucs.org/?callbackapp=doorkey&callbackpath=/ class="btn btn-primary">Login!</a>
</div>
');
} else {
print('
<div class="card-body">
<h4 class="card-title">🔑🚪</h4>
<p>Hi '.${username}.' click the button below to unlock the door!</p>
<form method="post">
<div class="form-group">
<input type="text" name="username" size="15" class="form-control" placeholder="Enter username" /><br />
<input type="password" name="password" size="15" class="form-control" placeholder="Enter password" /><br />
<input type="submit" class="btn btn-primary" value="Unlock Door!" />
<input type="submit" name="unlock" class="btn btn-primary" value="Unlock!" />
</div>
</form>
</div>
......
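Review bot: The unlock condition `$_POST["unlock"] === "Unlock!" && !$outsider && !$banned` does not, in the lines shown, require a successful SSO lookup, so the door request appears to be gated only by the network check and the ban list; it should also require `$not_logged_in === false && !$sso_error`. The error check above it can never fire, because in `!$sso_result->apistate === "ok"` the `!` is applied before `===`, so a boolean is compared with a string and `$sso_error` stays false; `if (!is_object($sso_result) || $sso_result->apistate !== "ok")` would also cover a failed `curl_exec` or `json_decode`. The `sucs_sso_id_v1` cookie is read without an `isset` check and interpolated into the API URL unencoded, so it should be validated and URL-encoded before use. In the greeting, `$username` is printed into HTML without escaping, and `${username}` outside a string is a variable-variable on a bare constant rather than a plain variable read, so that line should print an HTML-escaped `$username` instead. The enclosing `if` blocks start and end outside the hunks shown, so an outer guard that is not visible here may already cover part of this.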