lindeas
/
jilo-web
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases 4 Wiki Activity

fixes login issues

main
Yasen Pramatarov 2024-07-03 09:37:35 +03:00
parent eff4b073f5
commit 50b3409b47
4 changed files with 24 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -1,5 +1,7 @@
# Jilo Web # Jilo Web
This is still not operational. Goals for v.0.1 - browsing of basic info about Jilo config and about Jitsi Meet conferences.
## requirements ## requirements
- web server (deb: apache | nginx) - web server (deb: apache | nginx)

2
jilo-web.conf.php
View File

@ -1,7 +1,7 @@
<?php <?php
$config = [ $config = [
'domain' => 'localhost.com', 'domain' => 'localhost',
'folder' => '/jilo-web/', 'folder' => '/jilo-web/',
'database' => '/home/yasen/work/code/git/lindeas-code/jilo-web/jilo-web.db', 'database' => '/home/yasen/work/code/git/lindeas-code/jilo-web/jilo-web.db',
]; ];

8
public_html/index.php
View File

@ -40,8 +40,11 @@ if (isset($_GET['page'])) {
$page = 'front'; $page = 'front';
} }
// logged in username // check if logged in
if ( isset($_SESSION['username']) ) { if (isset($_COOKIE['username'])) {
if ( !isset($_SESSION['username']) ) {
$_SESSION['username'] = $_COOKIE['username'];
}
$user = htmlspecialchars($_SESSION['username']); $user = htmlspecialchars($_SESSION['username']);
} }
@ -67,6 +70,7 @@ if (in_array($page, $allowed_urls)) {
// clean up session // clean up session
session_unset(); session_unset();
session_destroy(); session_destroy();
setcookie('username', "", time() - 100, $config['folder'], $config['domain'], isset($_SERVER['HTTPS']), true);
$notice = "You were logged out.<br />You can log in again."; $notice = "You were logged out.<br />You can log in again.";
include 'templates/header.php'; include 'templates/header.php';

17
public_html/pages/login.php
View File

@ -20,26 +20,39 @@ try {
if (isset($_POST['remember_me'])) { if (isset($_POST['remember_me'])) {
// 30*24*60*60 = 30 days // 30*24*60*60 = 30 days
$cookie_lifetime = 30 * 24 * 60 * 60; $cookie_lifetime = 30 * 24 * 60 * 60;
$setcookie_lifetime = time() + 30 * 24 * 60 * 60;
$gc_maxlifetime = 30 * 24 * 60 * 60; $gc_maxlifetime = 30 * 24 * 60 * 60;
} else { } else {
// 0 - session end on browser close // 0 - session end on browser close
// 1440 - 24 minutes (default) // 1440 - 24 minutes (default)
$cookie_lifetime = 0; $cookie_lifetime = 0;
$setcookie_lifetime = 0;
$gc_maxlifetime = 1440; $gc_maxlifetime = 1440;
} }
// set session lifetime // set session lifetime and cookies
ini_set('session.gc_maxlifetime', $gc_maxlifetime); ini_set('session.gc_maxlifetime', $gc_maxlifetime);
session_set_cookie_params([ session_set_cookie_params([
'lifetime' => $cookie_lifetime, 'lifetime' => $setcookie_lifetime,
'samesite' => 'Strict', 'samesite' => 'Strict',
'httponly' => true, 'httponly' => true,
'secure' => isset($_SERVER['HTTPS']), 'secure' => isset($_SERVER['HTTPS']),
'domain' => $config['domain'], 'domain' => $config['domain'],
'path' => $config['folder'] 'path' => $config['folder']
]); ]);
session_name($username);
session_start(); session_start();
// FIXME it doesn't set a cookie with session_set_cookie_params only
setcookie('username', $username, [
'expires' => $setcookie_lifetime,
'path' => $config['folder'],
'domain' => $config['domain'],
'secure' => isset($_SERVER['HTTPS']),
'httponly' => true,
'samesite' => 'Strict'
]);
// redirect to index // redirect to index
$_SESSION['notice'] = "Login successful"; $_SESSION['notice'] = "Login successful";
header('Location: index.php'); header('Location: index.php');