summaryrefslogtreecommitdiff
path: root/plugins/session/www/rpc.php
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/session/www/rpc.php')
-rw-r--r--plugins/session/www/rpc.php31
1 files changed, 11 insertions, 20 deletions
diff --git a/plugins/session/www/rpc.php b/plugins/session/www/rpc.php
index 58f3634..fca85a0 100644
--- a/plugins/session/www/rpc.php
+++ b/plugins/session/www/rpc.php
@@ -1,25 +1,16 @@
<?php
-define('ROOT', __DIR__ . '/../../../');
-define('SESS_ROOT' , __DIR__ . '/../');
+define('SESS_ROOT', __DIR__ . '/../');
-main();
+require_once SESS_ROOT . 'main.php';
-function main() {
- require_once ROOT . 'config.php';
- require_once SESS_ROOT . 'session.module';
- $bridge = session_init($config['session']);
- $plugin = $config['session']['plugin'];
- $plugin_conf = $config['session']['plugins'][$plugin_conf];
- $plugin_id = $plugin_conf['file'];
- require_once SESS_ROOT . 'plugins/' . $plugin_id . '/' . $plugin_id . '.module';
- $function = $plugin_id . '_authenticate';
- $username = $function($plugin_conf);
- if ($username) {
- $entry = ['user' => $username, 'secret' => sha1($_POST['salt'] . time() . mt_rand()), 'time' => time()];
- $bridge->create($entry);
- header('Content-type: text/plain; charset=UTF-8');
- print json_encode($entry);
- }
- else header('HTTP/1.1 403 Forbidden');
+$entry = (!empty($_POST['salt']) && strlen($_POST['salt']) >= 16) ?
+ create_key($_POST['salt']) : FALSE;
+
+if ($entry) {
+ header('Content-type: text/plain; charset=UTF-8');
+ print json_encode($entry);
+}
+else {
+ header('HTTP/1.1 403 Forbidden');
}
generated by cgit v1.1 at 2024-05-18 16:11:31 +0000