From d70cd8c1df115a721e72a00208c2a37870333cdf Mon Sep 17 00:00:00 2001
From: Christoph Burschka
Date: Wed, 15 Jan 2014 20:40:07 +0100
Subject: First step toward a session-auth plugin.

(See #1, and cburschka/cadence#31)
---
 plugins/session/www/rpc.php | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 plugins/session/www/rpc.php

(limited to 'plugins/session/www/rpc.php')

diff --git a/plugins/session/www/rpc.php b/plugins/session/www/rpc.php
new file mode 100644
index 0000000..58f3634
--- /dev/null
+++ b/plugins/session/www/rpc.php
@@ -0,0 +1,25 @@
+<?php
+
+define('ROOT', __DIR__ . '/../../../');
+define('SESS_ROOT' , __DIR__ . '/../');
+
+main();
+
+function main() {
+  require_once ROOT . 'config.php';
+  require_once SESS_ROOT . 'session.module';
+  $bridge = session_init($config['session']);
+  $plugin = $config['session']['plugin'];
+  $plugin_conf = $config['session']['plugins'][$plugin_conf];
+  $plugin_id = $plugin_conf['file'];
+  require_once SESS_ROOT . 'plugins/' . $plugin_id . '/' . $plugin_id . '.module';
+  $function = $plugin_id . '_authenticate';
+  $username = $function($plugin_conf);
+  if ($username) {
+    $entry = ['user' => $username, 'secret' => sha1($_POST['salt'] . time() . mt_rand()), 'time' => time()];
+    $bridge->create($entry);
+    header('Content-type: text/plain; charset=UTF-8');
+    print json_encode($entry);
+  }
+  else header('HTTP/1.1 403 Forbidden');
+}
-- 
cgit v1.1