summaryrefslogtreecommitdiff
path: root/auth/callback
diff options
context:
space:
mode:
authorRaindropsSys <raindrops@equestria.dev>2023-11-08 20:58:00 +0100
committerRaindropsSys <raindrops@equestria.dev>2023-11-08 20:58:00 +0100
commitdb763c929a8bc77da74fbb80f156842dc313295e (patch)
treecdd5a815536de1a76452b9e56748211fe2422369 /auth/callback
parent7417e8956d12cd69463f741b905b6c77576501f5 (diff)
downloadpluralconnect-db763c929a8bc77da74fbb80f156842dc313295e.tar.gz
pluralconnect-db763c929a8bc77da74fbb80f156842dc313295e.tar.bz2
pluralconnect-db763c929a8bc77da74fbb80f156842dc313295e.zip
Updated 3 files (automated)
Diffstat (limited to 'auth/callback')
-rw-r--r--auth/callback/index.php7
1 files changed, 5 insertions, 2 deletions
diff --git a/auth/callback/index.php b/auth/callback/index.php
index 1ff53f7..678dc34 100644
--- a/auth/callback/index.php
+++ b/auth/callback/index.php
@@ -40,7 +40,10 @@ if (isset($result["access_token"])) {
$result = $result_orig = curl_exec($crl);
$result = json_decode($result, true);
- if (!in_array($result["id"], $appdata["oauth"]["allowed"]["admin"]) && !in_array($result["id"], $appdata["oauth"]["allowed"]["lower"])) {
+ $isAllowed = in_array("78b519ca-759b-4caa-958d-fcdfd422b9a9", array_map(function ($i) { return $i["id"]; }, $result["transitiveGroups"]));
+ $isAdmin = in_array("fe24dd97-9b9b-45b9-bb84-24e17a49f97b", array_map(function ($i) { return $i["id"]; }, $result["transitiveGroups"]));
+
+ if (!$isAllowed) {
peh_error("Access denied, you are not allowed to login to this website", 403);
die();
}
@@ -51,7 +54,7 @@ if (isset($result["access_token"])) {
$token = generateToken();
- if (in_array($result["id"], $appdata["oauth"]["allowed"]["admin"])) {
+ if ($isAdmin) {
file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . $token, json_encode([
"created" => time(),
"last" => time(),
© Floofi Systems, Some rights reserved. Powered by cgit.