jester/web_auth
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

dev #1

Merged
jester merged 7 commits from dev into main 2026-01-19 16:51:21 +03:00
Conversation 0 Commits 7 Files Changed 32 +79 -3
3 changed files with 79 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 5a3494e10d - Show all commits

2
api/login.php
View File

@@ -21,7 +21,7 @@ if (!is_array($data)) {
$login = trim($data['username'] ?? ''); $login = trim($data['username'] ?? '');
$password = $data['password'] ?? ''; $password = $data['password'] ?? '';
$siteAlias = trim($data['site_alias'] ?? ''); $siteAlias = strtolower(trim($data['site_alias'] ?? ''));
if ($siteAlias === '') { if ($siteAlias === '') {
http_response_code(400); http_response_code(400);

74
import_users.php Normal file
View File

@@ -0,0 +1,74 @@
<?php
// Usage: place this script next to users.txt and run: php import_users.php
// It will create users_with_passwords.txt with "login:password" lines.
require_once __DIR__ . '/config/db.php';
$inputFile = __DIR__ . '/users.txt';
$outputFile = __DIR__ . '/users_with_passwords.txt';
if (!file_exists($inputFile)) {
fwrite(STDERR, "Input file not found: {$inputFile}\n");
exit(1);
}
$lines = file($inputFile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
if ($lines === false) {
fwrite(STDERR, "Failed to read input file.\n");
exit(1);
}
$charset = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
$charsetLen = strlen($charset);
function generatePassword(string $charset, int $charsetLen, int $length = 6): string
{
$password = '';
for ($i = 0; $i < $length; $i++) {
$password .= $charset[random_int(0, $charsetLen - 1)];
}
return $password;
}
$pdo->beginTransaction();
try {
$selectStmt = $pdo->prepare("SELECT id FROM users WHERE username = ?");
$insertStmt = $pdo->prepare("INSERT INTO users (username, password_hash) VALUES (?, ?)");
$updateStmt = $pdo->prepare("UPDATE users SET password_hash = ? WHERE id = ?");
$out = fopen($outputFile, 'w');
if ($out === false) {
throw new RuntimeException('Failed to open output file for writing.');
}
$seen = [];
foreach ($lines as $line) {
$username = trim($line);
if ($username === '' || isset($seen[$username])) {
continue;
}
$seen[$username] = true;
$password = generatePassword($charset, $charsetLen, 6);
$hash = password_hash($password, PASSWORD_BCRYPT);
$selectStmt->execute([$username]);
$user = $selectStmt->fetch(PDO::FETCH_ASSOC);
if ($user) {
$updateStmt->execute([$hash, $user['id']]);
} else {
$insertStmt->execute([$username, $hash]);
}
fwrite($out, $username . ':' . $password . PHP_EOL);
}
fclose($out);
$pdo->commit();
echo "Done. Output: {$outputFile}\n";
} catch (Throwable $e) {
$pdo->rollBack();
fwrite(STDERR, "Error: " . $e->getMessage() . "\n");
exit(1);
}
?>

6
js/auth.js
View File

@@ -48,12 +48,14 @@ if (document.getElementById('loginForm')) {
if (!data.site_alias) { if (!data.site_alias) {
const metaAlias = document.querySelector('meta[name="site-alias"]'); const metaAlias = document.querySelector('meta[name="site-alias"]');
if (metaAlias && metaAlias.content) { if (metaAlias && metaAlias.content) {
data.site_alias = metaAlias.content.trim(); data.site_alias = metaAlias.content.trim().toLowerCase();
} else { } else {
const path = window.location.pathname.replace(/\/+$/, ''); const path = window.location.pathname.replace(/\/+$/, '');
const parts = path.split('/').filter(Boolean); const parts = path.split('/').filter(Boolean);
data.site_alias = parts[0] || 'root'; data.site_alias = (parts[0] || 'root').toLowerCase();
} }
} else if (typeof data.site_alias === 'string') {
data.site_alias = data.site_alias.trim().toLowerCase();
} }
const result = await sendRequest('api/login.php', data); const result = await sendRequest('api/login.php', data);