admin-auth.php (4561B)
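<?php

// This file is part of the devShort project under the MIT License. Visit https://sr.ht/~rwa/devshort for more information.

// Admin login page. Reads data/config.json, hashes a clear-text admin password
// on first run, handles ?logout and ?login, and renders the login form.
// Session key ("user_authenticated"), form field ("input_password") and redirect
// targets are part of the contract with the other pages and are left unchanged.

session_start();
$incorrect_password = false;

$config_path = implode(DIRECTORY_SEPARATOR, array(__DIR__, "data", "config.json"));
$config_raw = file_get_contents($config_path);
$config_content = ($config_raw === false) ? null : json_decode($config_raw, true);

// Only a scalar value can be a password; anything else is treated as "not set".
$admin_password = "";
if (is_array($config_content)
    && isset($config_content["admin_password"])
    && is_scalar($config_content["admin_password"])) {
    $admin_password = (string) $config_content["admin_password"];
}

// If no password is in the config.json file (or the file is unreadable or not
// valid JSON), redirect to wiki page
if (!$admin_password) {
    header("Location: https://sr.ht/~rwa/devShort/");
    exit;
}

// First run: Hash password if it's in the config.json as clear text.
// "algoName" is "unknown" for anything that is not a recognised hash. The "algo"
// field is not compared against 0 because it is a string identifier or null on
// PHP 7.4 and later, where a loose comparison such as "argon2i" == 0 can be true
// and would hash an existing hash a second time.
// A clear-text password that itself has the shape of a hash is still taken as a hash.
$hash_info = password_get_info($admin_password);
if ($hash_info["algoName"] === "unknown") {
    $admin_hash = password_hash($admin_password, PASSWORD_DEFAULT);
    $config_content["admin_password"] = $admin_hash;

    // Write the file only when the password was actually hashed, and never write
    // the result of a failed json_encode(), which would empty the configuration.
    $encoded_config = json_encode($config_content, JSON_PRETTY_PRINT);
    if ($encoded_config === false
        || file_put_contents($config_path, $encoded_config, LOCK_EX) === false) {
        error_log("devShort: the hashed admin password could not be written to config.json");
    }
} else {
    $admin_hash = $admin_password;
}

// Logout user in session if mode is logout
if (isset($_GET["logout"])) {
    unset($_SESSION["user_authenticated"]);
    header("Location: index.php");
    exit;
}

// Login user in session if mode is login and post data is available.
// is_string() rejects array-valued POST fields (input_password[]=...), which
// password_verify() does not accept.
// NOTE(review): nothing in this file limits repeated password attempts; throttling
// would have to be added here or in front of the application.
if (isset($_GET["login"]) && isset($_POST["input_password"]) && is_string($_POST["input_password"])) {
    if (password_verify($_POST["input_password"], $admin_hash)) {
        // Issue a fresh session id on privilege change so that an id known
        // before login cannot be reused afterwards (session fixation).
        session_regenerate_id(true);
        $_SESSION["user_authenticated"] = true;
        header("Location: admin.php");
        exit;
    } else {
        $incorrect_password = true;
    }
}

$settings = array();
if (isset($config_content["settings"]) && is_array($config_content["settings"])) {
    $settings = $config_content["settings"];
}

// Encode a value for HTML text and quoted attribute context. Values come from
// config.json; encoding keeps the markup valid when they contain quotes or
// ampersands and stops configuration content from being interpreted as markup.
$escape = function ($value) {
    if (!is_scalar($value)) {
        return "";
    }
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8");
};

// Escaped value of a settings key, or an empty string when the key is missing.
$setting = function ($key) use ($settings, $escape) {
    return isset($settings[$key]) ? $escape($settings[$key]) : "";
};

// Generate custom buttons for the footer
$link_items = array();
if (!empty($settings["custom_links"]) && is_array($settings["custom_links"])) {
    foreach ($settings["custom_links"] as $name => $url) {
        $link_items[] = "<a href=\"" . $escape($url) . "\" class=\"badge badge-primary\">" . $escape($name) . "</a>";
    }
}
$links_string = implode(" ", $link_items);

// The author is rendered as a link only when an author_link is configured.
if (!empty($settings["author_link"])) {
    $author_string = "<a rel=\"me noopener\" target=\"_blank\" href=\"" . $setting("author_link") . "\">" . $setting("author") . "</a>";
} else {
    $author_string = $setting("author");
}

?>

<!doctype html>
<html class="h-100" lang="en">

<head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
    <meta name="robots" content="noindex, nofollow">
    <meta name="author" content="<?php echo $setting("author"); ?> and the devShort team">
    <link href="<?php echo $setting("favicon"); ?>" rel="icon">
    <title>Login | <?php echo $setting("name"); ?></title>
    <link href="assets/vendor/bootstrap/bootstrap.min.css" rel="stylesheet">
</head>

<body class="d-flex flex-column h-100">

    <main class="flex-shrink-0">
        <div class="container">
            <nav class="mt-3" aria-label="breadcrumb">
                <ol class="breadcrumb shadow-sm">
                    <li class="breadcrumb-item"><a href="<?php echo $setting("home_link"); ?>">Home</a></li>
                    <li class="breadcrumb-item"><?php echo $setting("name"); ?></li>
                    <li class="breadcrumb-item active" aria-current="page">Login</li>
                </ol>
            </nav>
            <h1 class="mt-5">Login</h1>
            <p class="lead">Please sign in to access the admin panel.</p>
            <form action="admin-auth.php?login" method="POST">
                <div class="alert alert-danger" role="alert" <?php if (!$incorrect_password) { echo "style=\"display: none;\""; } ?>>
                    The given password was incorrect, please try again!
                </div>
                <div class="form-group">
                    <label for="inputPassword">Password</label>
                    <input class="form-control" id="inputPassword" name="input_password" type="password" autofocus required>
                </div>
                <button class="btn btn-primary" type="submit">Login</button>
            </form>
        </div>
    </main>

    <footer class="footer mt-auto py-3">
        <div class="container">
            <div class="d-flex justify-content-between align-items-center breadcrumb shadow-sm">
                <span class="text-dark">© 2020-2023 <?php echo $author_string; ?> and <a href="https://sr.ht/~rwa/devshort" target="_blank">devShort</a></span>
                <?php if ($links_string) { echo "<span class=\"text-muted\">$links_string</span>"; } ?>
            </div>
        </div>
    </footer>

</body>

</html>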