Création ''sale'' des pages des 2 niveaux d'authentification 'warehouse' et 'admin'
This commit is contained in:
xdrm-brackets
parent
ff314a4950
commit
f740db303d
65
index.php
65
index.php
|
|
@ -23,27 +23,16 @@
|
|||
|
||||
|
||||
|
||||
/* [3] Gestion des authentifications et des droits
|
||||
/* [1] Gestion des authentifications et des droits
|
||||
=========================================================*/
|
||||
\manager\Authentification::check();
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
/* [1] Gestion de l'authentification
|
||||
=========================================================*/
|
||||
|
||||
|
||||
|
||||
|
||||
/* (1) On met à jour l'authentification et les permissions */
|
||||
Authentification::check();
|
||||
$auth = Authentification::auth();
|
||||
|
||||
/* (2) On définit la page d'accueil */
|
||||
if( $auth == 2 ) $root_page = 'dashboard'; // Connecté -> Accès
|
||||
elseif( $auth == 1 ) $root_page = 'admin'; // Pas identifié -> Identification
|
||||
else $root_page = 'warehouse'; // Pas localisé -> Localisation
|
||||
|
||||
|
||||
|
||||
|
|
@ -56,29 +45,33 @@
|
|||
---------------------------------------------------------*/
|
||||
$R = new Router( $_GET['url'] );
|
||||
|
||||
/* (2) Dispatcher */
|
||||
$R->get('f(?:/([\w-]+))*/?', function(){ new ResourceDispatcher($_GET['url'], true); });
|
||||
|
||||
/* (2) On cree les regles de routage
|
||||
|
||||
/* (3) On cree les regles de routage QUAND ON EST CONNECTE
|
||||
---------------------------------------------------------*/
|
||||
/* (1) Racine -> page d'accueil */
|
||||
$R->get('/?', function(){ header('Location: /dashboard/'); });
|
||||
$R->get('/?', function(){ header("Location: /$root_page/"); });
|
||||
|
||||
/* (2) Liste des pages du site */
|
||||
$page_list = [
|
||||
'dashboard',
|
||||
'profile',
|
||||
'machines',
|
||||
'users',
|
||||
'groups',
|
||||
'analytics',
|
||||
'settings'
|
||||
];
|
||||
|
||||
/* (2) Si on est connecté */
|
||||
if( $auth == 2 ){
|
||||
|
||||
// Liste des pages du site
|
||||
$page_list = [ 'dashboard', 'profile', 'machines', 'users', 'groups', 'analytics', 'settings' ];
|
||||
|
||||
// nomPage/arg1/arg2 -> inclusion de la page
|
||||
$R->get('(?:'.implode('|', $page_list).')(?:/[\w-]+)*/?', function(){ include __ROOT__.'/view.php'; });
|
||||
$R->get('(?:'.implode('|', $page_list).')(?:/[\w-]+)*/?', function(){ include __ROOT__.'/view/view.php'; });
|
||||
|
||||
|
||||
/* (3) Si on est pas identifié */
|
||||
}else if( $auth == 1 )
|
||||
$R->get('.+', function(){ include __ROOT__.'/view/admin.php'; });
|
||||
else
|
||||
$R->get('.+', function(){ include __ROOT__.'/view/warehouse.php'; });
|
||||
|
||||
|
||||
/* (3) Dispatcher */
|
||||
$R->get('f(?:/([\w-]+))*/?', function(){ new ResourceDispatcher($_GET['url'], true); });
|
||||
|
||||
|
||||
/* (4) api/module/method -> Api */
|
||||
|
|
@ -93,8 +86,8 @@
|
|||
|
||||
|
||||
/* (5) N'importe -> page d'accueil */
|
||||
$R->get('.+', function(){ header('Location: /dashboard/'); });
|
||||
$R->post('.+', function(){ header('Location: /dashboard/'); });
|
||||
$R->get('.+', function(){ header("Location: /$root_page/"); });
|
||||
$R->post('.+', function(){ header("Location: /$root_page/"); });
|
||||
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -21,6 +21,12 @@
|
|||
public static function warehouse($params){
|
||||
extract($params);
|
||||
|
||||
|
||||
/* [0] Par défaut, on déconnecte
|
||||
=========================================================*/
|
||||
$_SESSION['AUTH'] = [];
|
||||
|
||||
|
||||
/* [1] On recherche un entrepot avec ce nom
|
||||
=========================================================*/
|
||||
$getName = new Repo('warehouse/getByName', [$name]);
|
||||
|
|
@ -67,6 +73,12 @@
|
|||
public static function admin($params){
|
||||
extract($params);
|
||||
|
||||
|
||||
/* [0] Par défaut, on déconnecte l'administrateur
|
||||
=========================================================*/
|
||||
$_SESSION['AUTH'][1] = '';
|
||||
|
||||
|
||||
/* [1] On recherche un entrepot avec ce nom
|
||||
=========================================================*/
|
||||
$getUsername = new Repo('admin/getByUsername', [$username]);
|
||||
|
|
|
|||
|
|
@ -11,8 +11,21 @@
|
|||
/*************************/
|
||||
/* SECURE SHA1 ALGORITHM */
|
||||
/*************************/
|
||||
public static function secure_hash($data){
|
||||
return hash('sha256', '">\[..|{@#))'.hash('sha256', $data.'_)Q@#((%*_$%(@#') );
|
||||
public static function secure_hash($data, $depth=1){
|
||||
/* [1] On hash @depth fois
|
||||
=========================================================*/
|
||||
$hash = $data;
|
||||
$c = 0;
|
||||
|
||||
for( $h = 0 ; $h < $depth ; $h++ ){
|
||||
$hash = hash('sha256', '">\[..|{@#))'.hash('sha256', $hash.'_)Q@#((%*_$%(@#') );
|
||||
$c++;
|
||||
}
|
||||
|
||||
|
||||
/* [2] On renvoie le résultat
|
||||
=========================================================*/
|
||||
return $hash;
|
||||
}
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -7,24 +7,10 @@
|
|||
|
||||
|
||||
$hash = 'password';
|
||||
$hashes = [];
|
||||
|
||||
var_dump( sessionManager::secure_hash($hash, 1000) );
|
||||
|
||||
|
||||
for( $i = 0 ; $i < 1000 ; $i++ ){
|
||||
$hash = sessionManager::secure_hash($hash);
|
||||
|
||||
if( isset($hashes[$hash]) )
|
||||
var_dump('already');
|
||||
|
||||
$hashes[$hash] = null;
|
||||
var_dump($hash);
|
||||
}
|
||||
|
||||
|
||||
|
||||
var_dump( count($hashes) );
|
||||
|
||||
|
||||
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -0,0 +1,168 @@
|
|||
<?php use \manager\ResourceDispatcher; ?>
|
||||
<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
<title>Authentification</title>
|
||||
|
||||
<!-- Informations de la page -->
|
||||
<meta name='Content-Type' content='text/html; charset=utf-8'>
|
||||
<meta charset='utf-8'>
|
||||
<meta name='author' content='Adrien MARQUÈS alias {xdrm};'>
|
||||
<meta name='desctiption' content="Système de gestion des véhicules pour STEF.">
|
||||
|
||||
<!-- Dépendences CSS -->
|
||||
<link type='text/css' rel='stylesheet' href='/f/css/reset/css' /> <!-- Reset du css natif des browsers -->
|
||||
|
||||
|
||||
<!-- Dépendences Javascript -->
|
||||
<script type='text/javascript' src='/f/js/input-checker/js/lib' ></script> <!-- Gestion dynamique des saisies -->
|
||||
<script type='text/javascript' src='/f/js/reset/js/lib' ></script> <!-- Corrections Javascript natif (ajouts) -->
|
||||
<script type='text/javascript' src='/f/js/api/js/lib' ></script> <!-- Gestion des transactions avec le serveur -->
|
||||
<script type='text/javascript' src='/f/js/page-manager/js/lib' ></script> <!-- Gestion des transactions avec le serveur -->
|
||||
|
||||
</head>
|
||||
<style type='text/css'>
|
||||
body{
|
||||
display: flex;
|
||||
position: absolute;
|
||||
top: 0;
|
||||
left: 0;
|
||||
width: 100%;
|
||||
height: 100%;
|
||||
margin: 0;
|
||||
padding: 0;
|
||||
|
||||
flex-direction: row;
|
||||
flex-wrap: nowrap;
|
||||
justify-content: center;
|
||||
align-items: center;
|
||||
|
||||
background: #933024;
|
||||
|
||||
font-family: "Roboto";
|
||||
}
|
||||
|
||||
#FORM{
|
||||
display: flex;
|
||||
flex-direction: column;
|
||||
justify-content: space-around;
|
||||
align-items: center;
|
||||
width: 30em;
|
||||
min-height: 22em;
|
||||
|
||||
border-radius: 5px;
|
||||
|
||||
background: #fff;
|
||||
}
|
||||
|
||||
#FORM > input{
|
||||
width: calc( 80% - 2*2em );
|
||||
height: calc( 4em - 2*1em );
|
||||
padding: 1em 2em;
|
||||
|
||||
border-radius: 3px;
|
||||
border: 0;
|
||||
|
||||
background: #F1F2F4;
|
||||
|
||||
color: #444;
|
||||
font-family: "Open Sans";
|
||||
|
||||
box-shadow: inset -1px 1px 5px #ddd;
|
||||
}
|
||||
|
||||
#FORM > input[type='button']{
|
||||
width: 80%;
|
||||
height: 4em;
|
||||
|
||||
background: #00CD6A;
|
||||
color: #fff;
|
||||
|
||||
box-shadow: 0 2px 0 0 #00B65B;
|
||||
|
||||
cursor: pointer;
|
||||
}
|
||||
|
||||
#FORM > input[type='button']:hover{
|
||||
box-shadow: 0 3px 0 0 #00B65B;
|
||||
}
|
||||
|
||||
#FORM > #err-box{
|
||||
color: #F64247;
|
||||
}
|
||||
|
||||
</style>
|
||||
<body>
|
||||
|
||||
|
||||
|
||||
<!-- CORPS DE LA PAGE -->
|
||||
<div id='FORM'>
|
||||
<span>Authentification</span>
|
||||
<input type='text' placeholder='Identifiant' id='admin-name'>
|
||||
<input type='password' placeholder="Mot de passe" id='admin-password'>
|
||||
|
||||
<input type='button' value='AUTHENTIFICATION' id='admin-submit'>
|
||||
<span id='err-box'></span>
|
||||
</div>
|
||||
|
||||
|
||||
|
||||
<!-- Dépendences Javascript après chargement des éléments -->
|
||||
<script type='text/javascript'>
|
||||
var api = new APIClass('/api/');
|
||||
|
||||
/* [0] Récupération des éléments utiles du DOM
|
||||
=========================================================*/
|
||||
var aForm = document.getElementById('FORM');
|
||||
var aName = document.getElementById('admin-name');
|
||||
var aPassword = document.getElementById('admin-password');
|
||||
var aSubmit = document.getElementById('admin-submit');
|
||||
var errBox = document.getElementById('err-box');
|
||||
|
||||
|
||||
/* [1] Gestion de l'évènement
|
||||
=========================================================*/
|
||||
function handler(e){
|
||||
/* (1) Si clavier : si pas touche 'Enter', on ne fais rien */
|
||||
if( e instanceof KeyboardEvent && e.keyCode != 13 )
|
||||
return false;
|
||||
|
||||
/* (2) On effectue la requête pour voir si tout fonctionne bien */
|
||||
var request = {
|
||||
path: 'authentificationDefault/admin',
|
||||
username: aName.value,
|
||||
password: aPassword.value
|
||||
};
|
||||
|
||||
api.send(request, function(response){
|
||||
|
||||
// Si erreur de module
|
||||
if( response.ModuleError != 0 ){
|
||||
errBox.innerHTML = 'Erreur interne! Contactez le webmaster.';
|
||||
aPassword.value = '';
|
||||
return false;
|
||||
}
|
||||
|
||||
// Si identifiant/mot de passe incorrect
|
||||
if( !response.status ){
|
||||
errBox.innerHTML = 'Combinaison incorrecte.';
|
||||
aPassword.value = '';
|
||||
return false;
|
||||
|
||||
// Si correct, on recharge la page
|
||||
}else
|
||||
document.location = '';
|
||||
});
|
||||
|
||||
}
|
||||
|
||||
|
||||
/* [2] Lancement des 'listeners'
|
||||
=========================================================*/
|
||||
aSubmit.addEventListener('click', handler, false);
|
||||
aForm.addEventListener('keypress', handler, false);
|
||||
</script>
|
||||
|
||||
</body>
|
||||
</html>
|
||||
|
|
@ -0,0 +1,168 @@
|
|||
<?php use \manager\ResourceDispatcher; ?>
|
||||
<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
<title>Connexion au Parc</title>
|
||||
|
||||
<!-- Informations de la page -->
|
||||
<meta name='Content-Type' content='text/html; charset=utf-8'>
|
||||
<meta charset='utf-8'>
|
||||
<meta name='author' content='Adrien MARQUÈS alias {xdrm};'>
|
||||
<meta name='desctiption' content="Système de gestion des véhicules pour STEF.">
|
||||
|
||||
<!-- Dépendences CSS -->
|
||||
<link type='text/css' rel='stylesheet' href='/f/css/reset/css' /> <!-- Reset du css natif des browsers -->
|
||||
|
||||
|
||||
<!-- Dépendences Javascript -->
|
||||
<script type='text/javascript' src='/f/js/input-checker/js/lib' ></script> <!-- Gestion dynamique des saisies -->
|
||||
<script type='text/javascript' src='/f/js/reset/js/lib' ></script> <!-- Corrections Javascript natif (ajouts) -->
|
||||
<script type='text/javascript' src='/f/js/api/js/lib' ></script> <!-- Gestion des transactions avec le serveur -->
|
||||
<script type='text/javascript' src='/f/js/page-manager/js/lib' ></script> <!-- Gestion des transactions avec le serveur -->
|
||||
|
||||
</head>
|
||||
<style type='text/css'>
|
||||
body{
|
||||
display: flex;
|
||||
position: absolute;
|
||||
top: 0;
|
||||
left: 0;
|
||||
width: 100%;
|
||||
height: 100%;
|
||||
margin: 0;
|
||||
padding: 0;
|
||||
|
||||
flex-direction: row;
|
||||
flex-wrap: nowrap;
|
||||
justify-content: center;
|
||||
align-items: center;
|
||||
|
||||
background: #1E3C50;
|
||||
|
||||
font-family: "Roboto";
|
||||
}
|
||||
|
||||
#FORM{
|
||||
display: flex;
|
||||
flex-direction: column;
|
||||
justify-content: space-around;
|
||||
align-items: center;
|
||||
width: 30em;
|
||||
min-height: 22em;
|
||||
|
||||
border-radius: 5px;
|
||||
|
||||
background: #fff;
|
||||
}
|
||||
|
||||
#FORM > input{
|
||||
width: calc( 80% - 2*2em );
|
||||
height: calc( 4em - 2*1em );
|
||||
padding: 1em 2em;
|
||||
|
||||
border-radius: 3px;
|
||||
border: 0;
|
||||
|
||||
background: #F1F2F4;
|
||||
|
||||
color: #444;
|
||||
font-family: "Open Sans";
|
||||
|
||||
box-shadow: inset -1px 1px 5px #ddd;
|
||||
}
|
||||
|
||||
#FORM > input[type='button']{
|
||||
width: 80%;
|
||||
height: 4em;
|
||||
|
||||
background: #00CD6A;
|
||||
color: #fff;
|
||||
|
||||
box-shadow: 0 2px 0 0 #00B65B;
|
||||
|
||||
cursor: pointer;
|
||||
}
|
||||
|
||||
#FORM > input[type='button']:hover{
|
||||
box-shadow: 0 3px 0 0 #00B65B;
|
||||
}
|
||||
|
||||
#FORM > #err-box{
|
||||
color: #F64247;
|
||||
}
|
||||
|
||||
</style>
|
||||
<body>
|
||||
|
||||
|
||||
|
||||
<!-- CORPS DE LA PAGE -->
|
||||
<div id='FORM'>
|
||||
<span>Connexion au Parc</span>
|
||||
<input type='text' placeholder='Identifiant' id='warehouse-name'>
|
||||
<input type='password' placeholder="Code d'accès" id='warehouse-password'>
|
||||
|
||||
<input type='button' value='CONNEXION' id='warehouse-submit'>
|
||||
<span id='err-box'></span>
|
||||
</div>
|
||||
|
||||
|
||||
|
||||
<!-- Dépendences Javascript après chargement des éléments -->
|
||||
<script type='text/javascript'>
|
||||
var api = new APIClass('/api/');
|
||||
|
||||
/* [0] Récupération des éléments utiles du DOM
|
||||
=========================================================*/
|
||||
var wForm = document.getElementById('FORM');
|
||||
var wName = document.getElementById('warehouse-name');
|
||||
var wPassword = document.getElementById('warehouse-password');
|
||||
var wSubmit = document.getElementById('warehouse-submit');
|
||||
var errBox = document.getElementById('err-box');
|
||||
|
||||
|
||||
/* [1] Gestion de l'évènement
|
||||
=========================================================*/
|
||||
function handler(e){
|
||||
/* (1) Si clavier : si pas touche 'Enter', on ne fais rien */
|
||||
if( e instanceof KeyboardEvent && e.keyCode != 13 )
|
||||
return false;
|
||||
|
||||
/* (2) On effectue la requête pour voir si tout fonctionne bien */
|
||||
var request = {
|
||||
path: 'authentificationDefault/warehouse',
|
||||
name: wName.value,
|
||||
password: wPassword.value
|
||||
};
|
||||
|
||||
api.send(request, function(response){
|
||||
|
||||
// Si erreur de module
|
||||
if( response.ModuleError != 0 ){
|
||||
errBox.innerHTML = 'Erreur interne! Contactez le webmaster.';
|
||||
wPassword.value = '';
|
||||
return false;
|
||||
}
|
||||
|
||||
// Si identifiant/mot de passe incorrect
|
||||
if( !response.status ){
|
||||
errBox.innerHTML = 'Combinaison incorrecte.';
|
||||
wPassword.value = '';
|
||||
return false;
|
||||
|
||||
// Si correct, on recharge la page
|
||||
}else
|
||||
document.location = '';
|
||||
});
|
||||
|
||||
}
|
||||
|
||||
|
||||
/* [2] Lancement des 'listeners'
|
||||
=========================================================*/
|
||||
wSubmit.addEventListener('click', handler, false);
|
||||
wForm.addEventListener('keypress', handler, false);
|
||||
</script>
|
||||
|
||||
</body>
|
||||
</html>
|
||||
Loading…
Reference in New Issue