Add support for the X-WebAuth-User header for authentication

includes/checksession.php

@@ -18,8 +18,24 @@
         $userData['avatar'] = "0";
     }
 } else {
+    // Read X-WebAuth-User header
+    if (isset($_SERVER['HTTP_X_WEBAUTH_USER'])) {
+        $username = $_SERVER['HTTP_X_WEBAUTH_USER'];
+        $sql = "SELECT * FROM user WHERE username = :username";
+        $stmt = $db->prepare($sql);
+        $stmt->bindValue(':username', $username, SQLITE3_TEXT);
+        $result = $stmt->execute();
+        $userData = $result->fetchArray(SQLITE3_ASSOC);
 
-        if (isset($_COOKIE['wallos_login'])) {
+        if ($userData === false) {
+            header('Location: logout.php');
+            exit();
+        }
+
+        if ($userData['avatar'] == "") {
+            $userData['avatar'] = "0";
+        }
+    } else if (isset($_COOKIE['wallos_login'])) {
         $cookie = explode('|', $_COOKIE['wallos_login'], 3);
         $username = $cookie[0];
         $token = $cookie[1];
@@ -65,8 +81,6 @@
             header("Location: logout.php");
             exit();
         }
-
-            
     } else {
         $db->close();
         header("Location: login.php");