mirror/webgui
1
0
Fork 0
mirror of https://github.com/unraid/webgui.git synced 2026-04-22 18:19:14 -05:00
Code Issues Packages Projects Releases Wiki Activity

Support forms-based authentication for login/logout.

Browse Source 
Username 'admin' is alias for 'root'.
This commit is contained in:
Tom Mortensen
2019-08-17 13:08:41 -07:00
parent f49fd6c6a9
commit 4c6c950042
5 changed files with 367 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files
plugins/dynamix/include/local_prepend.php
+3 -2
View File
@@ -15,14 +15,15 @@
* auto_prepend_file="/usr/local/emhttp/webGui/include/local_prepend.php"
*/
function csrf_terminate($reason) {
shell_exec("logger error: {$_SERVER['REQUEST_URI']}: $reason csrf_token");
shell_exec("logger error: {$_SERVER['REQUEST_URI']}: $reason csrf_token " . json_encode($_POST));
error_log(print_r($_SERVER, true));
exit;
}
putenv('PATH=.:/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin');
chdir('/usr/local/emhttp');
setlocale(LC_ALL,'en_US.UTF-8');
date_default_timezone_set(substr(readlink('/etc/localtime-copied-from'),20));
if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST') {
if ($_SERVER['SCRIPT_NAME'] != '/auth_request.php' && isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST') {
if (!isset($var)) $var = parse_ini_file('state/var.ini');
if (!isset($var['csrf_token'])) csrf_terminate("uninitialized");
if (!isset($_POST['csrf_token'])) csrf_terminate("missing");