inc/auth_simple.php

   1 <?php
   2 /*
   3
   4 Simple authorisation module for ViewGit - protects web access with pre-configured username/password.
   5
   6 To Use:
   7
   8 1. Copy this file to <viewgitdir>/inc/auth_simple.php
   9 2. Update inc/localconfig.php to use simple auth module:
  10
  11         $conf['auth_lib'] = 'simple';
  12         $conf['auth_simple_users'] = array(
  13                 'username1'=>'nnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn'
  14                 'username2'=>'nnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn'
  15         );
  16
  17    where nnn is the md5 of the password for each user.
  18
  19 Tip: to generate the md5, use the login page with username 'md5' and your desired password.  The
  20      login will fail but it will show the md5 of the entered password.
  21
  22 Released under AGPLv3 or older.
  23
  24 Developed by Topten Software (Brad Robinson)
  25 http://www.toptensoftware.com
  26
  27 */
  28
  29 function auth_check()
  30 {
  31 global $conf;
  32 global $page;
  33
  34         session_start();
  35
  36         // Already signed in?
  37         if (isset($_SESSION['loginname']))
  38                 return;
  39
  40         // Form submit?
  41         if (isset($_REQUEST['login_action']))
  42         {
  43                 $username=$_REQUEST['username'];
  44                 $password=md5($_REQUEST['password']);
  45                 if (isset($conf['auth_simple_users'][$username]) && $conf['auth_simple_users'][$username]==$password)
  46                 {
  47                         $_SESSION['loginname']=$username;
  48                         return;
  49                 }
  50                 if ($username=="md5")
  51                         $loginmessage="MD5: ".$password;
  52                 else
  53                         $loginmessage="Login Failed";
  54         }
  55
  56         $page['title']="Login - ViewGit";
  57
  58
  59         // Not signed in, display login page
  60         require('templates/header.php');
  61 ?>
  62         <h2>Login Required</h2>
  63 <?php if (isset($loginmessage)):?>
  64         <p style="border:1px solid red; padding:2px; background:#f77;"><?php echo htmlspecialchars($loginmessage)?><p>
  65 <?php endif ?>
  66         <form method="POST" action="<?php echo htmlspecialchars($_SERVER['REQUEST_URI']) ?>">
  67         <table>
  68                 <tr>
  69                         <td width="100pt">User Name:</td>
  70                         <td><input type="text" name="username" id="username"></td>
  71                 </tr>
  72                 <tr>
  73                         <td>Password:</td>
  74                         <td><input type="password" name="password"></td>
  75                 </tr>
  76                 <tr>
  77                         <td>&nbsp;</td>
  78                         <td><input type="submit" name="login_action" value="Login"></td>
  79                 </tr>
  80         </table>
  81         </form>
  82         <script type="text/javascript">
  83         document.getElementById("username").focus();
  84         </script>
  85
  86 <?php
  87         require('templates/footer.php');
  88         die;
  89 }
  90 ?>