From 52b077a48c743ba4d08ac00520a0bf1ef6deef5f Mon Sep 17 00:00:00 2001
From: Thomas Lange <code@nerdmind.de>
Date: Fri, 24 Feb 2017 21:27:59 +0100
Subject: Initial commit.

---
 admin/auth.php | 86 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 86 insertions(+)
 create mode 100644 admin/auth.php

(limited to 'admin/auth.php')

diff --git a/admin/auth.php b/admin/auth.php
new file mode 100644
index 0000000..dbdd3ef
--- /dev/null
+++ b/admin/auth.php
@@ -0,0 +1,86 @@
+<?php
+#===============================================================================
+# DEFINE: Administration
+#===============================================================================
+define('ADMINISTRATION', TRUE);
+
+#===============================================================================
+# INCLUDE: Main configuration
+#===============================================================================
+require_once '../core/application.php';
+
+#===============================================================================
+# IF: Already authenticated
+#===============================================================================
+if(Application::isAuthenticated()) {
+	#===============================================================================
+	# IF: Logout action
+	#===============================================================================
+	if(HTTP::issetGET(['token' => Application::getSecurityToken(), ['action' => 'logout']])) {
+		session_destroy();
+		HTTP::redirect(Application::getAdminURL('auth.php'));
+	}
+
+	HTTP::redirect(Application::getAdminURL());
+}
+
+#===============================================================================
+# ELSE: Not authenticated
+#===============================================================================
+else {
+	#===============================================================================
+	# IF: Login action
+	#===============================================================================
+	if(HTTP::issetPOST(['token' => Application::getSecurityToken()], 'username', 'password')) {
+		try {
+			$User = User\Factory::buildByUsername(HTTP::POST('username'));
+
+			if($User->comparePassword(HTTP::POST('password'))) {
+				$_SESSION['auth'] = $User->getID();
+				HTTP::redirect(Application::getAdminURL());
+			}
+
+			else {
+				$messages[] = $Language->text('authentication_failure');
+			}
+		} catch(User\Exception $Exception){
+			$fake_hash = '$2y$10$xpnwDU2HumOgGQhVpMOP9uataEF82YXizniFhSUhYjUiXF8aoDk0C';
+			$fake_pass = HTTP::POST('password');
+
+			password_verify($fake_pass, $fake_hash);
+
+			$messages[] = $Language->text('authentication_failure');
+		}
+	}
+}
+
+#===============================================================================
+# TRY: Template\Exception
+#===============================================================================
+try {
+	$AuthTemplate = Template\Factory::build('auth');
+	$AuthTemplate->set('FORM', [
+		'INFO' => [
+			'LIST' => $messages ?? [],
+		],
+		'DATA' => [
+			'USERNAME' => HTTP::POST('username'),
+			'PASSWORD' => HTTP::POST('password'),
+		],
+		'TOKEN' => Application::getSecurityToken()
+	]);
+
+	$MainTemplate = Template\Factory::build('main');
+	$MainTemplate->set('NAME', 'Authentication');
+	$MainTemplate->set('HTML', $AuthTemplate);
+	echo $MainTemplate;
+}
+
+#===============================================================================
+# CATCH: Template\Exception
+#===============================================================================
+catch(Template\Exception $Exception) {
+	$Exception->defaultHandler();
+}
+?>
+
-- 
cgit v1.2.3