#13035 added token login in mobile

Daniel Cebrian 2024-04-12 13:28:47 +02:00
parent ffd46403b2
commit d08d1b1926
3 changed files with 20 additions and 30 deletions


@ -2745,9 +2745,16 @@ function redirectNode(url, target = "_blank") {
event.preventDefault(); event.preventDefault();
} }
let pathAjax = "ajax.php";
// Detect if view is phone.
if (window.settings && window.settings.mobile) {
pathAjax = "../ajax.php";
}
$.ajax({ $.ajax({
method: "POST", method: "POST",
url: "ajax.php", url: pathAjax,
dataType: "json", dataType: "json",
data: { data: {
page: "include/ajax/token", page: "include/ajax/token",
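Review bot: The `pathAjax = "../ajax.php";` fallback assumes the mobile view is always served exactly one directory below the console root, which nothing in this hunk establishes. If a mobile page is reached at a different path depth, the token request (`page: "include/ajax/token"`) resolves to the wrong URL. Building the endpoint from a configured base URL, if the page already exposes one, would be sturdier. Failing that, the comment should state the assumption, e.g. `// Mobile pages live one level below the console root, so ajax.php is in the parent directory.` redirectNode begins before and continues after this hunk.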


@ -83,55 +83,37 @@ class User
{ {
$system = System::getInstance(); $system = System::getInstance();
$loginhash = $system->getRequest('loginhash', null);
$autologin = $system->getRequest('autologin', false); $autologin = $system->getRequest('autologin', false);
$auth_token = $_POST['auth_token'];
if ($autologin !== false) { if ($autologin !== false) {
$user = $system->getRequest('user', null); $user = $system->getRequest('user', null);
$password = $system->getRequest('password', null); $password = $system->getRequest('password', null);
$this->login($user, $password); $this->login($user, $password);
} else { } else if (empty($auth_token) === false) {
if (empty($loginhash) === false) { $this->login(null, null, $auth_token);
// Hash login process.
$loginhash_data = $system->getRequest('loginhash_data', null);
$loginhash_user = str_rot13($system->getRequest('loginhash_user', null));
$this->login($loginhash_user, null, $loginhash_data);
}
} }
return $this->logged; return $this->logged;
} }
public function login($user=null, $password=null, $loginhash_data='') public function login($user=null, $password=null, $auth_token='')
{ {
global $config; global $config;
$system = System::getInstance(); $system = System::getInstance();
if (empty($auth_token) === false && (bool) $config['JWT_signature'] !== false) {
if (empty($loginhash_data) === false) { $jwt = new JWTRepository($config['JWT_signature']);
if ($config['loginhash_pwd'] != '' if ($jwt->setToken($auth_token)
&& $loginhash_data == md5( && $jwt->validate()
$user.io_output_password(
$config['loginhash_pwd']
)
)
) { ) {
$this->logged = true; $this->logged = true;
$this->user = $user; $this->user = $jwt->payload()->get('id_user');
$this->loginTime = time(); $this->loginTime = time();
$this->errorLogin = false; $this->errorLogin = false;
$this->saveLogin(); $this->saveLogin();
} else { } else {
include_once 'general/login_page.php'; $this->logged = false;
db_pandora_audit( $this->errorLogin = __('Token invalid');
AUDIT_LOG_USER_REGISTRATION,
'Loginhash failed',
'system'
);
while (ob_get_length() > 0) {
ob_end_flush();
}
exit('</html>');
} }
return $this->logged; return $this->logged;
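Review bot: The rejected-token branch in login() (`$this->errorLogin = __('Token invalid');`) records nothing, whereas the loginhash branch it replaces wrote an audit entry, so failed or forged token attempts against the mobile login leave no trace for detection. Adding `db_pandora_audit(AUDIT_LOG_USER_REGISTRATION, 'Token login failed', 'system');` in that else branch would restore the trail. Separately, `$auth_token = $_POST['auth_token'];` reads the key unconditionally and raises an undefined-index notice on every request without a token; `$auth_token = ($_POST['auth_token'] ?? null);` avoids that. The visible lines also take `id_user` from the payload as the session user without checking that the account exists and is enabled; whether `validate()` covers this cannot be seen here. Both function bodies extend outside the hunk.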


@ -31,6 +31,7 @@ require_once 'include/user.class.php';
* serializing objects stored into the session. * serializing objects stored into the session.
*/ */
require_once '../include/config.php'; require_once '../include/config.php';
require_once '../include/class/JWTRepository.class.php';
require_once 'operation/home.php'; require_once 'operation/home.php';
require_once 'operation/tactical.php'; require_once 'operation/tactical.php';