Diffstat (limited to 'auth/callback')
-rw-r--r--auth/callback/index.php7
1 files changed, 5 insertions, 2 deletions
diff --git a/auth/callback/index.php b/auth/callback/index.php
index 1ff53f7..678dc34 100644
--- a/auth/callback/index.php
+++ b/auth/callback/index.php
@@ -40,7 +40,10 @@ if (isset($result["access_token"])) {
$result = $result_orig = curl_exec($crl);
$result = json_decode($result, true);
- if (!in_array($result["id"], $appdata["oauth"]["allowed"]["admin"]) && !in_array($result["id"], $appdata["oauth"]["allowed"]["lower"])) {
+ $isAllowed = in_array("78b519ca-759b-4caa-958d-fcdfd422b9a9", array_map(function ($i) { return $i["id"]; }, $result["transitiveGroups"]));
+ $isAdmin = in_array("fe24dd97-9b9b-45b9-bb84-24e17a49f97b", array_map(function ($i) { return $i["id"]; }, $result["transitiveGroups"]));
+
+ if (!$isAllowed) {
peh_error("Access denied, you are not allowed to login to this website", 403);
die();
}
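Review bot: The new `$isAllowed` / `$isAdmin` lines index `$result["transitiveGroups"]` without checking that the key exists and is an array, so a response without it (an error payload from the provider, a token lacking the group-read permission, or a failed `json_decode` leaving `$result` null) makes `array_map` throw a TypeError on PHP 8 and the login dies with a 500 instead of the intended 403. Guard the lookup once and compare strictly: `$groupIds = array_map(function ($g) { return $g["id"] ?? null; }, $result["transitiveGroups"] ?? []);` then `$isAllowed = in_array("78b519ca-759b-4caa-958d-fcdfd422b9a9", $groupIds, true);` and `$isAdmin = in_array("fe24dd97-9b9b-45b9-bb84-24e17a49f97b", $groupIds, true);`. The two group GUIDs replace the previous `$appdata["oauth"]["allowed"]` config lookup with constants in code; keeping them under `$appdata["oauth"]` would keep deployment-specific identifiers out of source and make the allowed/admin groups changeable without a code edit. Note also that `$isAllowed` no longer includes the admin check on its own, so unless the admin group is nested inside the allowed group a user who is only in the admin group is now denied — `$isAllowed = $isAllowed || $isAdmin;` if that is not intended. Whether the group list can be paginated by the provider (so only a first page is inspected here) depends on the request built above this hunk, which is outside the visible lines, as is the curl/HTTP-status handling that precedes the decode.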
@@ -51,7 +54,7 @@ if (isset($result["access_token"])) {
$token = generateToken();
- if (in_array($result["id"], $appdata["oauth"]["allowed"]["admin"])) {
+ if ($isAdmin) {
file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . $token, json_encode([
"created" => time(),
"last" => time(),