- commit
- 7653657ea22760689900ffe789915569bdaae578
- parent
- c08fe08bd5106e8cb6da39dab050af40d8c0a751
- Author
- Tobias Bengfort <tobias.bengfort@posteo.de>
- Date
- 2018-10-21 09:57
make auth work behind apache
Diffstat
| M | .htaccess | 5 | +++++ |
| M | index.php | 18 | +++++++++++++++++- |
2 files changed, 22 insertions, 1 deletions
diff --git a/.htaccess b/.htaccess
@@ -1,3 +1,8 @@
-1 1 <IfModule mod_rewrite.c>
-1 2 RewriteEngine On
-1 3 RewriteRule index.php - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
-1 4 </IfModule>
-1 5
1 6 <FilesMatch "\.(htaccess|htpasswd|php)$">
2 7 Order Allow,Deny
3 8 Deny from all
diff --git a/index.php b/index.php
@@ -398,6 +398,21 @@ function errorView($pupupu, $twig, $error) 398 398 )); 399 399 } 400 400 -1 401 function getAuth() -1 402 { -1 403 $redirect = $_SERVER['REDIRECT_HTTP_AUTHORIZATION'] ?? ''; -1 404 if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) { -1 405 $user = $_SERVER['PHP_AUTH_USER']; -1 406 $password = $_SERVER['PHP_AUTH_PW']; -1 407 } elseif (substr($redirect, 0, 6) === 'Basic ') { -1 408 list($user, $password) = explode(':' , base64_decode(substr($redirect, 6))); -1 409 } -1 410 return array( -1 411 'user' => $user ?? '', -1 412 'password' => $password ?? '', -1 413 ); -1 414 } -1 415 401 416 $pupupu = new Pupupu('..', '..', '..'); 402 417 403 418 if (isset($_SERVER['REQUEST_METHOD'])) { @@ -406,7 +421,8 @@ if (isset($_SERVER['REQUEST_METHOD'])) { 406 421 $twig->addFilter(new Twig_Filter('trans', 'trans')); 407 422 408 423 try {409 -1 if (!$pupupu->checkPassword($_SERVER['PHP_AUTH_USER'] ?? '', $_SERVER['PHP_AUTH_PW'] ?? '')) {-1 424 $auth = getAuth(); -1 425 if (!$pupupu->checkPassword($auth['user'], $auth['password'])) { 410 426 $msg = trans('Login required'); 411 427 header('WWW-Authenticate: Basic realm="' . $msg . '"'); 412 428 throw new HttpException($msg, 401);