Check-in [71ca4f7823]
Overview
Comment: | Introduce IndieAuth logins |
---|---|
SHA1: |
71ca4f782371d84a7dec3c436d52f0a6 |
User & Date: | mario 2021-04-05 04:32:09 |
Context
2021-04-05
| ||
04:33 | Move auth section after utility includes check-in: 9bff4c3798 user: mario tags: trunk | |
04:32 | Introduce IndieAuth logins check-in: 71ca4f7823 user: mario tags: trunk | |
2019-07-22
| ||
01:14 | Fixed title/description extraction. check-in: dedb921ea3 user: mario tags: trunk | |
Changes
Changes to lib/deferred_openid_session.php.
︙ | ︙ | |||
10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 | * (Prevent needless cookies and tracking ids for not logged-in users.) * * The only handler that initiates any login process is `page_login.php` * */ // Kill off CloudFlare cookie when Do-Not-Track header present if ($_SERVER->has("HTTP_DNT") and $_SERVER->boolean["HTTP_DNT"]) { header("Set-Cookie: __cfduid= ; path=/; domain=.freshcode.club; HttpOnly"); } // Check for pre-existant cookie before defaulting to initiate session store if ($_COOKIE->has("USER") or $_REQUEST->has("set_password")) { session_fresh(); | > > > > | 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 | * (Prevent needless cookies and tracking ids for not logged-in users.) * * The only handler that initiates any login process is `page_login.php` * */ #error_reporting(E_ALL);set_error_handler("var_dump"); // Kill off CloudFlare cookie when Do-Not-Track header present if ($_SERVER->has("HTTP_DNT") and $_SERVER->boolean["HTTP_DNT"]) { header("Set-Cookie: __cfduid= ; path=/; domain=.freshcode.club; HttpOnly"); } define("INDIEAUTH_API", "https://indieauth.com/auth"); define("INDIEAUTH_CLIENT_ID", "https://freshcode.club/"); define("INDIEAUTH_REDIRECT", "https://freshcode.club/login"); // Check for pre-existant cookie before defaulting to initiate session store if ($_COOKIE->has("USER") or $_REQUEST->has("set_password")) { session_fresh(); |
︙ | ︙ | |||
58 59 60 61 62 63 64 | die("OpenID verify exception (possibly endpoint / SSL error)"); } } elseif ($_REQUEST->has("set_password")) { $_SESSION["password"] = $_REQUEST->ascii->nocontrol->trim["set_password"]; } | > > | > > | > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 | die("OpenID verify exception (possibly endpoint / SSL error)"); } } elseif ($_REQUEST->has("set_password")) { $_SESSION["password"] = $_REQUEST->ascii->nocontrol->trim["set_password"]; } elseif ($_REQUEST->has("start_indieauth")) { initiate_indieauth($_POST->uri["login_url"]); } elseif ($_REQUEST->has("code","me")) { $indieauth_login = verify_indieauth(); } #-- IndieAuth function initiate_indieauth($url="") { $_SESSION["indie/state"] = $_state = md5("ia:".rand()); die(header( "Location: " . INDIEAUTH_API . "?me=" . urlencode($url) . "&client_id=" . INDIEAUTH_CLIENT_ID . "&redirect_uri=" . INDIEAUTH_REDIRECT . "&state=" . urlencode($_state) )); } #-- if &code= parameter received function verify_indieauth() { # "https://freshcode.club/login?code=...&me=http://userurl..." $fields = [ "code" => $_REQUEST->raw["code"], "client_id" => INDIEAUTH_CLIENT_ID, "redirect_uri" => INDIEAUTH_REDIRECT, ]; $json = curl(INDIEAUTH_API)->post(1)->postfields( http_build_query($fields)#->httpheader(array("Accept: application/json")) )->exec(); print($json); if ($json) { $d = json_decode($json, True) or parse_str($json, $d); if (!empty($d["me"])) { session_fresh(); return $_SESSION["openid"] = $d["me"]; } } } #session_write_close(); // Prevent some session tampering function session_fresh() { |
︙ | ︙ |
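Review bot: verify_indieauth() never compares the returned `state` parameter with `$_SESSION["indie/state"]`, so the value stored by initiate_indieauth() protects nothing and a callback this session did not start is still accepted as a login (login CSRF). Before the POST to INDIEAUTH_API, the function should return early unless the session holds a non-empty state and `hash_equals($_SESSION["indie/state"], (string)$_REQUEST->raw["state"])` is true, then unset the stored value. Whether the session is already loaded on the callback request is not visible in this section. The state itself comes from `md5("ia:".rand())`, which is predictable; `bin2hex(random_bytes(16))` (PHP 7+) is the usual replacement. `print($json);` looks like leftover debugging and should be dropped: it echoes the endpoint response to the visitor and emits output before `session_fresh()` runs.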
Changes to lib/input.php.
︙ | ︙ | |||
554 555 556 557 558 559 560 | } /** * [e] * HTML escapes. * * This is actually an output filter. But might be useful to mirror input back into | | | 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 | } /** * [e] * HTML escapes. * * This is actually an output filter. But might be useful to mirror input back into * form fields instantly `<input name=field value="<?=$_GET->html["field"] ?>">` * * @param $data string * @return string */ function _html($data) { return htmlspecialchars($data, ENT_QUOTES, "UTF-8", false); |
︙ | ︙ |