From 09d0c71569918f5b4672f5e5bd1c977baa112fe4 Mon Sep 17 00:00:00 2001 From: Joshua Coles Date: Sun, 9 Jun 2024 22:04:35 +0100 Subject: [PATCH] (Minimum delta): Add support for the X-WebAuth-User header for authentication --- includes/checksession.php | 25 +++++++++++++++++++++---- 1 file changed, 21 insertions(+), 4 deletions(-) diff --git a/includes/checksession.php b/includes/checksession.php index 9ceed0a..7c98fe4 100644 --- a/includes/checksession.php +++ b/includes/checksession.php @@ -21,8 +21,27 @@ $userData['avatar'] = "0"; } } else { + // Read X-WebAuth-User header as option for login + if (isset($_SERVER['HTTP_X_WEBAUTH_USER'])) { + $username = $_SERVER['HTTP_X_WEBAUTH_USER']; + $query = "SELECT id, username, main_currency, language FROM user WHERE username = :username"; + $stmt = $db->prepare($query); + $stmt->bindValue(':id', 1, SQLITE3_INTEGER); + $result = $stmt->execute(); + $row = $result->fetchArray(SQLITE3_ASSOC); - if (isset($_COOKIE['wallos_login'])) { + if ($row) { + $_SESSION['username'] = $row['username']; + $_SESSION['loggedin'] = true; + $_SESSION['main_currency'] = $row['main_currency']; + $_SESSION['userId'] = $row['id']; + $_SESSION['language'] = $row['language']; + } else { + $db->close(); + header("Location: logout.php"); + exit(); + } + } else if (isset($_COOKIE['wallos_login'])) { $cookie = explode('|', $_COOKIE['wallos_login'], 3); $username = $cookie[0]; $token = $cookie[1]; @@ -32,7 +51,7 @@ $stmt = $db->prepare($sql); $stmt->bindValue(':username', $username, SQLITE3_TEXT); $result = $stmt->execute(); - + if ($result) { $userData = $result->fetchArray(SQLITE3_ASSOC); if (!isset($userData['id'])) { @@ -79,8 +98,6 @@ header("Location: logout.php"); exit(); } - - } else { $db->close(); header("Location: login.php");