70 lines
1.8 KiB
PHP
70 lines
1.8 KiB
PHP
<?php
|
|
// Create an account and apply SSH key
|
|
$config = json_decode(file_get_contents("/var/www/usergen/config.json", true));
|
|
|
|
function checkParameters($parameterArray){
|
|
$error = false;
|
|
foreach($parameterArray as $parameter){
|
|
if(!isset($_POST[$parameter])){
|
|
$error = true;
|
|
}
|
|
}
|
|
return $error;
|
|
}
|
|
|
|
function apiResult($result){
|
|
header('Content-type: application/json');
|
|
echo json_encode($result);
|
|
exit();
|
|
}
|
|
|
|
function success(){
|
|
apiResult(array("status" => true));
|
|
}
|
|
|
|
function error($error){
|
|
apiResult(array("status" => false, "error" => $error));
|
|
}
|
|
|
|
function validateUsername($username){
|
|
return (preg_match("/^([a-zA-Z0-9_.]+)$/", $username) == 1);
|
|
}
|
|
|
|
if (checkParameters(array("pubkey", "userId", "authToken"))){
|
|
error("Missing parameters");
|
|
}
|
|
|
|
$userToken = $_POST["authToken"];
|
|
$userId = $_POST["userId"];
|
|
$pubkey = $_POST["pubkey"];
|
|
|
|
$request = curl_init();
|
|
curl_setopt($request, CURLOPT_URL, "https://hackers.town/api/v1/accounts/verify_credentials");
|
|
curl_setopt($request, CURLOPT_RETURNTRANSFER, 1);
|
|
curl_setopt($request, CURLOPT_HTTPHEADER, array(
|
|
"Authorization: Bearer ".$userToken
|
|
));
|
|
$response = curl_exec($request);
|
|
curl_close($request);
|
|
$User = json_decode($response);
|
|
// Check User
|
|
if($User->id != $userId){
|
|
error("User Mismatch");
|
|
}
|
|
if(!validateUsername($User->username)){
|
|
error("Invalid Username");
|
|
}
|
|
// Create temporary pubkey holding file
|
|
$TempFileName = "/tmp/mkuser/".uniqid("ssh-", true).".pub";
|
|
if(!file_put_contents($TempFileName, $pubkey."\n")){
|
|
error("Key Addition Failed: Temp");
|
|
}
|
|
// Run User Generation Tool
|
|
// TODO: Replace with custom Rust PHP Extension
|
|
$UserGenCode = shell_exec("/etc/ttyserver/bin/mkuser.tmp \"".$User->username."\" \"".$TempFileName."\" 2>&1; echo $?");
|
|
if($UserGenCode != "0"){
|
|
error("Key Addition Failed: MK-".$UserGenCode);
|
|
}
|
|
success();
|
|
|
|
?>
|