[api\Authentification] management (almost done, module 'authentification/renew' todo)
This commit is contained in:
parent
e6df35cd0b
commit
929b4dc7fd
|
@ -0,0 +1 @@
|
||||||
|
52add802518cc5e81705e05f44abb920bc0cbf674bba0166e4c229022f4301bb
|
|
@ -42,23 +42,29 @@
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
public static function check(){
|
public static function check(){
|
||||||
/* (1) Initialisation des permissions */
|
/* (1) Initialisation des variables
|
||||||
|
---------------------------------------------------------*/
|
||||||
|
/* (1) Token de header */
|
||||||
|
if( !isset($GLOBALS['TOKEN']) )
|
||||||
|
$GLOBALS['TOKEN'] = null;
|
||||||
|
|
||||||
|
/* (1) Liste des permissions */
|
||||||
if( !isset($GLOBALS['PERM']) )
|
if( !isset($GLOBALS['PERM']) )
|
||||||
$GLOBALS['PERM'] = [];
|
$GLOBALS['PERM'] = [];
|
||||||
|
|
||||||
|
|
||||||
/* (1) Gestion de AUTH (authentification) dans HEADER
|
/* (2) Gestion de AUTH (authentification) dans HEADER
|
||||||
---------------------------------------------------------*/
|
---------------------------------------------------------*/
|
||||||
define('__TOKEN__', isset($_SERVER['PHP_AUTH_DIGEST']) ? $_SERVER['PHP_AUTH_DIGEST'] : '' );
|
$GLOBALS['TOKEN'] = isset($_SERVER['PHP_AUTH_DIGEST']) ? $_SERVER['PHP_AUTH_DIGEST'] : '';
|
||||||
|
|
||||||
/* (2) Gestion de AUTH en fonction du token
|
/* (3) Gestion de AUTH en fonction du token
|
||||||
---------------------------------------------------------*/
|
---------------------------------------------------------*/
|
||||||
define('__TOKEN__', preg_match('/^[a-f0-9]{64}$/', __TOKEN__, $match) ? $match[0] : null );
|
$GLOBALS['TOKEN'] = preg_match('/^[a-f0-9]{64}$/', $GLOBALS['TOKEN'], $match) ? $match[0] : null;
|
||||||
|
|
||||||
/* (3) On vérifie l'authentification par BDD
|
/* (4) On vérifie l'authentification par BDD
|
||||||
---------------------------------------------------------*/
|
---------------------------------------------------------*/
|
||||||
if( !self::deepCheck() )
|
if( !self::deepCheck() )
|
||||||
define('__TOKEN__', null);
|
$GLOBALS['TOKEN'] = null;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -77,31 +83,26 @@
|
||||||
|
|
||||||
/* [2] Vérification de l'authentification
|
/* [2] Vérification de l'authentification
|
||||||
=========================================================*/
|
=========================================================*/
|
||||||
/* (1) Fetch cyclic-hashing-system -> check files */
|
/* (1) Fetch cyclic-hashing-system -> check file */
|
||||||
$fn = [
|
$fn = __BUILD__.'/api/chs/hash';
|
||||||
'hash' => __BUILD__.'/api/chs/hash',
|
|
||||||
'cycle' => __BUILD__.'/api/chs/cycle'
|
|
||||||
];
|
|
||||||
|
|
||||||
if( !is_file($fn['hash']) || !is_file($fn['hash']) )
|
if( !is_file($fn) )
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
/* (2) Read files -> check contents */
|
/* (2) Read file -> check content */
|
||||||
$fc = [
|
$fc = file_get_contents($fn);
|
||||||
'hash' => file_get_contents($fn['hash']),
|
|
||||||
'cycle' => file_get_contents($fn['cycle'])
|
|
||||||
];
|
|
||||||
|
|
||||||
if( strlen($fc['hash']) !== 64 || !is_numeric($fc['cycle']) )
|
if( strlen($fc) !== 64 )
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
/* (3) Compares content */
|
/* (3) Compares content */
|
||||||
if( __TOKEN__ !== self::secure_hash($fc['hash'], intval($fc['cycle'])) )
|
$hashed = self::secure_hash($fc);
|
||||||
|
|
||||||
|
if( strlen($hashed) !== 64 || $GLOBALS['TOKEN'] !== $hashed )
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
/* (4) Stores new content */
|
/* (4) Stores new content */
|
||||||
file_put_contents($fn['hash'], __TOKEN__);
|
file_put_contents($fn, $GLOBALS['TOKEN']);
|
||||||
file_put_contents($fn['cycle'], intval($fc['cycle'])-1);
|
|
||||||
|
|
||||||
/* (5) Stores permission */
|
/* (5) Stores permission */
|
||||||
if( !in_array('cyclic-hash-system', $GLOBALS['PERM']) )
|
if( !in_array('cyclic-hash-system', $GLOBALS['PERM']) )
|
||||||
|
@ -155,7 +156,7 @@
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
public static function auth(){
|
public static function auth(){
|
||||||
return is_null(__AUTH_) ? 0 : 1;
|
return is_null($GLOBALS['TOKEN']) ? 0 : 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue