authorMinteck <contact@minteck.org>2023-02-22 10:29:48 +0100
committerMinteck <contact@minteck.org>2023-02-22 10:29:48 +0100
commitbf2558253637537c2d57765e557bdc0e164c58ee (patch)
tree9c50b253090001183ba574cc073d13f74e273758 /Authentication/Callback
parent005bbb3c5b211dbb52cf8dcedac505f8a683cf42 (diff)
Updated 23 files, added assets/uploads/pt-princesscelestia.png and renamed assets/uploads/pt-luna.png (automated)
Diffstat (limited to 'Authentication/Callback')
-rw-r--r--Authentication/Callback/index.php13
1 files changed, 10 insertions, 3 deletions
diff --git a/Authentication/Callback/index.php b/Authentication/Callback/index.php
index 508326b..981525f 100644
--- a/Authentication/Callback/index.php
+++ b/Authentication/Callback/index.php
@@ -38,15 +38,22 @@ if (isset($result["access_token"])) {
$result = curl_exec($crl);
$result = json_decode($result, true);
- if (!in_array($result["id"], $appdata["oauth"]["allowed"])) {
- header("Location: /");
+ if (!in_array($result["id"], $appdata["oauth"]["allowed"]["admin"]) && !in_array($result["id"], $appdata["oauth"]["allowed"]["lower"])) {
+ header("Location: /?error=Access denied, you are not allowed to login to this website");
die();
}
if (!file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens")) mkdir($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens");
+ if (!file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens")) mkdir($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens");
$token = bin2hex(random_bytes(32));
- file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token, json_encode($result));
+
+ if (in_array($result["id"], $appdata["oauth"]["allowed"]["admin"])) {
+ file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token, json_encode($result));
+ } else {
+ file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . $token, json_encode($result));
+ }
+
header("Set-Cookie: PEH2_SESSION_TOKEN=" . $token . "; SameSite=None; Path=/; Secure; HttpOnly; Expires=" . date("r", time() + (86400 * 730)));
header("Location: /Authentication/Success");