Switch doorkey to use the SSO system

279acefa · Imran Hussain · 375df381 · 279acefa
Commit 279acefa authored Nov 01, 2019 by Imran Hussain
--- a/public/index.php
+++ b/public/index.php
 <?php

+//ini_set('display_errors', 1);
+//ini_set('display_startup_errors', 1);
+//error_reporting(E_ALL);
+
 $bannedUsers = array("vote","signup","cacti","video");

 function ip_in_range($ip, $range) {
@@ -24,23 +28,32 @@ if (!ip_in_range($ipAddr, "137.44.10.128/25")){
 	//exit("nah mate");
 }

-if(isset($_REQUEST['username'])) {
-	$username = strtolower($_REQUEST['username']);
+$ssoid = $_COOKIE["sucs_sso_id_v1"];
+
+$sso_error = false;
+$not_logged_in = true;
+
+$curlsso = curl_init();
+curl_setopt($curlsso, CURLOPT_URL, "https://sso.sucs.org/api/v1/?id=${ssoid}");
+curl_setopt($curlsso,CURLOPT_RETURNTRANSFER,TRUE);
+$sso_result = json_decode(curl_exec($curlsso));
+curl_close($curlsso);
+
+if (!$sso_result->apistate === "ok") {
+	$sso_error = true;
 }
-if(isset($_REQUEST['password'])) {
-	$password = $_REQUEST['password'];
+
+if ($sso_result->sucs_username !== null) {
+	$not_logged_in = false;
+	$username = $sso_result->sucs_username;
 }

-if ( in_array($username,$bannedUsers) ) {
+if ($not_logged_in === false && in_array($sso_result->sucs_username,$bannedUsers) ) {
 	$banned = true;
 	//die("u r b&");
 }

-include_once("../ldap-auth.php");
-
-$isAuthd = ldapAuth($username, $password);
-
-if ($isAuthd == "sucs" && !$outsider && !$banned) {
+if ($_POST["unlock"] === "Unlock!" && !$outsider && !$banned) {
 	include_once("../doorkey.php");
 	//curl door
 	$curl = curl_init();
@@ -77,9 +90,9 @@ if ($isAuthd == "sucs" && !$outsider && !$banned) {
 		<div class="h-100 container justify-content-center text-center">
 			<div class="h-100 row d-flex justify-content-center align-items-center">
 				<div class="col-8">
-					<div class="card mb-4">
+					<div class="card mb-4 mt-4">
 						<?php
-							if ($outsider) {
+							if ($outsider || $sso_error) {
 								print('
 							<div class="card-body">
 								<h4 class="card-title">❌</h4>
@@ -93,7 +106,6 @@ if ($isAuthd == "sucs" && !$outsider && !$banned) {
 								<p>You are banned from the room.</p>
 							</div>
 								');
-
 							} elseif ($success) {
 								print('
 							<div class="card-body">
@@ -101,16 +113,22 @@ if ($isAuthd == "sucs" && !$outsider && !$banned) {
 								<p>Door unlocked!</p>
 							</div>
 								');
-
-							} else {
+							} elseif ($not_logged_in) {
 								print('
 							<div class="card-body">
 								<h4 class="card-title">🔑</h4>
+								<p>Hi stranger click the button below to login</p>
+								<a href=https://sso.sucs.org/?callbackapp=doorkey&callbackpath=/ class="btn btn-primary">Login!</a>
+							</div>
+								');
+							} else {
+								print('
+							<div class="card-body">
+								<h4 class="card-title">🔑🚪</h4>
+								<p>Hi '.${username}.' click the button below to unlock the door!</p>
 								<form method="post">
 									<div class="form-group">
-										<input type="text" name="username" size="15" class="form-control" placeholder="Enter username" /><br />
-										<input type="password" name="password" size="15" class="form-control" placeholder="Enter password" /><br />
-										<input type="submit" class="btn btn-primary" value="Unlock Door!" />
+										<input type="submit" name="unlock" class="btn btn-primary" value="Unlock!" />
 									</div>
 								</form>
 							</div>