Prepare for Login Auth flow shift

This commit is contained in:
Elizabeth Cray 2023-10-01 18:54:30 -04:00
parent 857c9f1ab0
commit 185ab839ab
3 changed files with 31 additions and 7 deletions

1
.gitignore vendored
View File

@ -2,3 +2,4 @@ vendor/
config.json
composer.phar
DOMAIN_OVERRIDE
*.log

View File

@ -7,11 +7,13 @@ Warrant canary available at /etc/ttyserver/canary
## TODO: (From Fedi Reports)
* [ ] Descriptive pubkey upload responses
* [ ] Fix OAuth Process (Invalid showing up)
* [X] Change Sign Up to Log In
* [ ] **Fix OAuth Process (Invalid showing up)**
* [ ] UI to manage user's public keys
* [ ] Web Notifications for user activity
* [ ] Web UI to opt into [Gemini Web Proxy](https://git.corrupt.link/maddiefuzz/skeksis)
* [ ] Canary description popup?
* [ ] Shift-Click for Keygen Options
* [ ] Download SSH Public Key on fingerprint click?
## Completed TODO:
* Change Sign Up to Log In

View File

@ -1,8 +1,18 @@
<?php
$config = json_decode(file_get_contents("/var/www/usergen/config.json", true));
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
function flog($log_msg) {
$log_filename = "/var/www/html";
$log_file_data = $log_filename.'/log_' . date('d-M-Y') . '.log';
// if you don't add `FILE_APPEND`, the file will be erased each time you add a log
file_put_contents($log_file_data, $log_msg . "\n", FILE_APPEND);
}
if (isset($_REQUEST["act"])){
// internal functions such as id request
flog("Ret ACT:16 ✨ ".$_REQUEST["act"]." FROM ".$_SERVER["REMOTE_ADDR"]);
switch($_REQUEST["act"]){
case "id":
// return OAUTH app ID
@ -14,8 +24,19 @@ if (isset($_REQUEST["act"])){
break;
}
}else if (isset($_REQUEST["code"])){
// Mastodon callback
// Mastodon callback (Authorization Code from /oauth/authorize)
$MastCode = $_REQUEST["code"];
// var_dump($_REQUEST);
}
if (isset($_REQUEST["token"])){
// Token passed, use for repeated OAUTH
/* TODO: Long-Term Auth
* Check if HT Token valid
* Generate Browser Token
* Encrypt Browser Token with Client Data (User Agent + IP)
* $_SERVER["HTTP_USER_AGENT"] + $_SERVER["REMOTE_ADDR"]
*/
flog("token:35 ✨ ".$_REQUEST["token"]);
}
?>
<!DOCTYPE html>
@ -72,6 +93,7 @@ if (isset($_REQUEST["act"])){
curl_setopt($request, CURLOPT_POSTFIELDS, $options);
$response = curl_exec($request);
curl_close($request);
flog("oauth_token:91 ✨ ".$response);
$Auth = json_decode($response);
if(isset($Auth->token_type)){
// Valid Auth?
@ -85,6 +107,8 @@ if (isset($_REQUEST["act"])){
curl_close($request);
$User = json_decode($response);
flog("cred_verify:104 ✨ ".$response);
if (isset($User->id)){
// Congrats!
$AuthToken = $Auth->access_token;
@ -118,11 +142,10 @@ if (isset($_REQUEST["act"])){
// revoke token after usage
?>
<div id="usertoken" hidden><?php echo $AuthToken; ?></div>
<div id="usertoken" ><?php echo $AuthToken; ?></div>
<div class="row"<?php if(strpos($AuthToken, "Bad") === false){
echo "hidden";
}?>>
<!-- Select to upload public key or generate a new one locally -->
<span>
Invalid
</span>
@ -135,13 +158,11 @@ if (isset($_REQUEST["act"])){
</div><div class="row button"<?php if(strpos($AuthToken, "Bad") === false){
echo "hidden";
}?>>
<!-- Select to upload public key or generate a new one locally -->
<button class="col keyButton" onclick="beginOauth()">Retry</button>
</div>
<div class="row"<?php if(strpos($AuthToken, "Bad") !== false){
echo "hidden";
}?>>
<!-- Select to upload public key or generate a new one locally -->
<span>
<?php
$Welcomes = array("Welcome", "Dobrodošli", "Vitejte", "Welkom", "Tervetuloa", "Willkommen", "Fáilte", "Benvenuto", "Bienvenidos", "Välkommen", "ようこそ");