Diffstat (limited to 'Authentication/Callback/index.php')
-rw-r--r-- | Authentication/Callback/index.php | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/Authentication/Callback/index.php b/Authentication/Callback/index.php
index 508326b..981525f 100644
--- a/Authentication/Callback/index.php
+++ b/Authentication/Callback/index.php
@@ -38,15 +38,22 @@ if (isset($result["access_token"])) {
 $result = curl_exec($crl);
 $result = json_decode($result, true);
- if (!in_array($result["id"], $appdata["oauth"]["allowed"])) {
- header("Location: /");
+ if (!in_array($result["id"], $appdata["oauth"]["allowed"]["admin"]) && !in_array($result["id"], $appdata["oauth"]["allowed"]["lower"])) {
+ header("Location: /?error=Access denied, you are not allowed to login to this website");
 die();
 }
 if (!file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens")) mkdir($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens");
+ if (!file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens")) mkdir($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens");
 $token = bin2hex(random_bytes(32));
- file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token, json_encode($result));
+
+ if (in_array($result["id"], $appdata["oauth"]["allowed"]["admin"])) {
+ file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token, json_encode($result));
+ } else {
+ file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . $token, json_encode($result));
+ }
+
 header("Set-Cookie: PEH2_SESSION_TOKEN=" . $token . "; SameSite=None; Path=/; Secure; HttpOnly; Expires=" . date("r", time() + (86400 * 730)));
 header("Location: /Authentication/Success");