byecorps/id
1
0
Fork 0
mirror of https://github.com/byecorps/id.git synced 2024-09-19 23:00:15 +01:00
Code Issues Packages Projects Releases Wiki Activity

Upload a lot of changes

Browse source
This commit is contained in:
Bye 2024-02-17 12:04:47 +00:00
parent bc1f4209d0
commit c6a1637dee
27 changed files with 913 additions and 279 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.idea/dataSources.local.xml
View file

@ -1,6 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<project version="4">
<component name="dataSourceStorageLocal" created-in="PS-232.10072.32">
<component name="dataSourceStorageLocal" created-in="PS-233.13135.108">
<data-source name="ByeCorps ID (local)" uuid="5bc27beb-c8ab-420d-bdbc-055b37ae9e39">
<database-info product="MariaDB" version="10.6.12-MariaDB-0ubuntu0.22.04.1" jdbc-version="4.2" driver-name="MariaDB Connector/J" driver-version="3.0.7" dbms="MARIADB" exact-version="10.6.12" exact-driver-version="3.0">
<extra-name-characters>#@</extra-name-characters>

2
.idea/dataSources.xml
View file

@ -5,7 +5,7 @@
<driver-ref>mariadb</driver-ref>
<synchronize>true</synchronize>
<jdbc-driver>org.mariadb.jdbc.Driver</jdbc-driver>
<jdbc-url>jdbc:mariadb://id:3306/id</jdbc-url>
<jdbc-url>jdbc:mariadb://id.local:3306/id.local</jdbc-url>
<working-dir>$ProjectFileDir$</working-dir>
</data-source>
</component>

205
.idea/dataSources/5bc27beb-c8ab-420d-bdbc-055b37ae9e39.xml
View file

@ -1,205 +1,7 @@
<?xml version="1.0" encoding="UTF-8"?>
<dataSource name="ByeCorps ID (local)">
<database-model serializer="dbm" dbms="MARIADB" family-id="MARIADB" format-version="4.49">
<root id="1">
<DefaultCasing>exact</DefaultCasing>
<DefaultEngine>InnoDB</DefaultEngine>
<Grants>|root||bye||ALTER|G
|root||bye|100.12.43.1|ALTER|G
|root||mysql|localhost|ALTER|G
|root||root|localhost|ALTER|G
|root||bye||ALTER ROUTINE|G
|root||bye|100.12.43.1|ALTER ROUTINE|G
|root||mysql|localhost|ALTER ROUTINE|G
|root||root|localhost|ALTER ROUTINE|G
|root||bye||BINLOG ADMIN|G
|root||bye|100.12.43.1|BINLOG ADMIN|G
|root||mysql|localhost|BINLOG ADMIN|G
|root||root|localhost|BINLOG ADMIN|G
|root||bye||BINLOG MONITOR|G
|root||bye|100.12.43.1|BINLOG MONITOR|G
|root||mysql|localhost|BINLOG MONITOR|G
|root||root|localhost|BINLOG MONITOR|G
|root||bye||BINLOG REPLAY|G
|root||bye|100.12.43.1|BINLOG REPLAY|G
|root||mysql|localhost|BINLOG REPLAY|G
|root||root|localhost|BINLOG REPLAY|G
|root||bye||CONNECTION ADMIN|G
|root||bye|100.12.43.1|CONNECTION ADMIN|G
|root||mysql|localhost|CONNECTION ADMIN|G
|root||root|localhost|CONNECTION ADMIN|G
|root||bye||CREATE|G
|root||bye|100.12.43.1|CREATE|G
|root||mysql|localhost|CREATE|G
|root||root|localhost|CREATE|G
|root||bye||CREATE ROUTINE|G
|root||bye|100.12.43.1|CREATE ROUTINE|G
|root||mysql|localhost|CREATE ROUTINE|G
|root||root|localhost|CREATE ROUTINE|G
|root||bye||CREATE TABLESPACE|G
|root||bye|100.12.43.1|CREATE TABLESPACE|G
|root||mysql|localhost|CREATE TABLESPACE|G
|root||root|localhost|CREATE TABLESPACE|G
|root||bye||CREATE TEMPORARY TABLES|G
|root||bye|100.12.43.1|CREATE TEMPORARY TABLES|G
|root||mysql|localhost|CREATE TEMPORARY TABLES|G
|root||root|localhost|CREATE TEMPORARY TABLES|G
|root||bye||CREATE USER|G
|root||bye|100.12.43.1|CREATE USER|G
|root||mysql|localhost|CREATE USER|G
|root||root|localhost|CREATE USER|G
|root||bye||CREATE VIEW|G
|root||bye|100.12.43.1|CREATE VIEW|G
|root||mysql|localhost|CREATE VIEW|G
|root||root|localhost|CREATE VIEW|G
|root||bye||DELETE|G
|root||bye|100.12.43.1|DELETE|G
|root||mysql|localhost|DELETE|G
|root||root|localhost|DELETE|G
|root||bye||DELETE HISTORY|G
|root||bye|100.12.43.1|DELETE HISTORY|G
|root||mysql|localhost|DELETE HISTORY|G
|root||root|localhost|DELETE HISTORY|G
|root||bye||DROP|G
|root||bye|100.12.43.1|DROP|G
|root||mysql|localhost|DROP|G
|root||root|localhost|DROP|G
|root||bye||EVENT|G
|root||bye|100.12.43.1|EVENT|G
|root||mysql|localhost|EVENT|G
|root||root|localhost|EVENT|G
|root||bye||EXECUTE|G
|root||bye|100.12.43.1|EXECUTE|G
|root||mysql|localhost|EXECUTE|G
|root||root|localhost|EXECUTE|G
|root||bye||FEDERATED ADMIN|G
|root||bye|100.12.43.1|FEDERATED ADMIN|G
|root||mysql|localhost|FEDERATED ADMIN|G
|root||root|localhost|FEDERATED ADMIN|G
|root||bye||FILE|G
|root||bye|100.12.43.1|FILE|G
|root||mysql|localhost|FILE|G
|root||root|localhost|FILE|G
|root||bye||INDEX|G
|root||bye|100.12.43.1|INDEX|G
|root||mysql|localhost|INDEX|G
|root||root|localhost|INDEX|G
|root||bye||INSERT|G
|root||bye|100.12.43.1|INSERT|G
|root||mysql|localhost|INSERT|G
|root||root|localhost|INSERT|G
|root||bye||LOCK TABLES|G
|root||bye|100.12.43.1|LOCK TABLES|G
|root||mysql|localhost|LOCK TABLES|G
|root||root|localhost|LOCK TABLES|G
|root||bye||PROCESS|G
|root||bye|100.12.43.1|PROCESS|G
|root||mysql|localhost|PROCESS|G
|root||root|localhost|PROCESS|G
|root||bye||READ_ONLY ADMIN|G
|root||bye|100.12.43.1|READ_ONLY ADMIN|G
|root||mysql|localhost|READ_ONLY ADMIN|G
|root||root|localhost|READ_ONLY ADMIN|G
|root||bye||REFERENCES|G
|root||bye|100.12.43.1|REFERENCES|G
|root||mysql|localhost|REFERENCES|G
|root||root|localhost|REFERENCES|G
|root||bye||RELOAD|G
|root||bye|100.12.43.1|RELOAD|G
|root||mysql|localhost|RELOAD|G
|root||root|localhost|RELOAD|G
|root||bye||REPLICATION MASTER ADMIN|G
|root||bye|100.12.43.1|REPLICATION MASTER ADMIN|G
|root||mysql|localhost|REPLICATION MASTER ADMIN|G
|root||root|localhost|REPLICATION MASTER ADMIN|G
|root||bye||REPLICATION SLAVE|G
|root||bye|100.12.43.1|REPLICATION SLAVE|G
|root||mysql|localhost|REPLICATION SLAVE|G
|root||root|localhost|REPLICATION SLAVE|G
|root||bye||REPLICATION SLAVE ADMIN|G
|root||bye|100.12.43.1|REPLICATION SLAVE ADMIN|G
|root||mysql|localhost|REPLICATION SLAVE ADMIN|G
|root||root|localhost|REPLICATION SLAVE ADMIN|G
|root||bye||SELECT|G
|root||bye|100.12.43.1|SELECT|G
|root||mysql|localhost|SELECT|G
|root||root|localhost|SELECT|G
|root||bye||SET USER|G
|root||bye|100.12.43.1|SET USER|G
|root||mysql|localhost|SET USER|G
|root||root|localhost|SET USER|G
|root||bye||SHOW DATABASES|G
|root||bye|100.12.43.1|SHOW DATABASES|G
|root||mysql|localhost|SHOW DATABASES|G
|root||root|localhost|SHOW DATABASES|G
|root||bye||SHOW VIEW|G
|root||bye|100.12.43.1|SHOW VIEW|G
|root||mysql|localhost|SHOW VIEW|G
|root||root|localhost|SHOW VIEW|G
|root||bye||SHUTDOWN|G
|root||bye|100.12.43.1|SHUTDOWN|G
|root||mysql|localhost|SHUTDOWN|G
|root||root|localhost|SHUTDOWN|G
|root||bye||SLAVE MONITOR|G
|root||bye|100.12.43.1|SLAVE MONITOR|G
|root||mysql|localhost|SLAVE MONITOR|G
|root||root|localhost|SLAVE MONITOR|G
|root||bye||SUPER|G
|root||bye|100.12.43.1|SUPER|G
|root||mysql|localhost|SUPER|G
|root||root|localhost|SUPER|G
|root||bye||TRIGGER|G
|root||bye|100.12.43.1|TRIGGER|G
|root||mysql|localhost|TRIGGER|G
|root||root|localhost|TRIGGER|G
|root||bye||UPDATE|G
|root||bye|100.12.43.1|UPDATE|G
|root||mysql|localhost|UPDATE|G
|root||root|localhost|UPDATE|G
|root||bye||grant option|G
|root||bye|100.12.43.1|grant option|G
|root||mysql|localhost|grant option|G
|root||root|localhost|grant option|G
id|schema||id||ALTER|G
id|schema||id||ALTER ROUTINE|G
id|schema||id||CREATE|G
id|schema||id||CREATE ROUTINE|G
id|schema||id||CREATE TEMPORARY TABLES|G
id|schema||id||CREATE VIEW|G
id|schema||id||DELETE|G
id|schema||id||DELETE HISTORY|G
id|schema||id||DROP|G
id|schema||id||EVENT|G
id|schema||id||EXECUTE|G
id|schema||id||INDEX|G
id|schema||id||INSERT|G
id|schema||id||LOCK TABLES|G
id|schema||id||REFERENCES|G
id|schema||id||SELECT|G
id|schema||id||SHOW VIEW|G
id|schema||id||TRIGGER|G
id|schema||id||UPDATE|G
phpmyadmin|schema||phpmyadmin|localhost|ALTER|G
phpmyadmin|schema||phpmyadmin|localhost|ALTER ROUTINE|G
phpmyadmin|schema||phpmyadmin|localhost|CREATE|G
phpmyadmin|schema||phpmyadmin|localhost|CREATE ROUTINE|G
phpmyadmin|schema||phpmyadmin|localhost|CREATE TEMPORARY TABLES|G
phpmyadmin|schema||phpmyadmin|localhost|CREATE VIEW|G
phpmyadmin|schema||phpmyadmin|localhost|DELETE|G
phpmyadmin|schema||phpmyadmin|localhost|DELETE HISTORY|G
phpmyadmin|schema||phpmyadmin|localhost|DROP|G
phpmyadmin|schema||phpmyadmin|localhost|EVENT|G
phpmyadmin|schema||phpmyadmin|localhost|EXECUTE|G
phpmyadmin|schema||phpmyadmin|localhost|INDEX|G
phpmyadmin|schema||phpmyadmin|localhost|INSERT|G
phpmyadmin|schema||phpmyadmin|localhost|LOCK TABLES|G
phpmyadmin|schema||phpmyadmin|localhost|REFERENCES|G
phpmyadmin|schema||phpmyadmin|localhost|SELECT|G
phpmyadmin|schema||phpmyadmin|localhost|SHOW VIEW|G
phpmyadmin|schema||phpmyadmin|localhost|TRIGGER|G
phpmyadmin|schema||phpmyadmin|localhost|UPDATE|G</Grants>
<ServerVersion>10.6.12</ServerVersion>
</root>
<database-model serializer="dbm" dbms="MARIADB" family-id="MARIADB" format-version="4.51">
<root id="1"/>
<collation id="2" parent="1" name="big5_chinese_ci">
<Charset>big5</Charset>
<DefaultForCharset>1</DefaultForCharset>
@ -1217,8 +1019,7 @@ phpmyadmin|schema||phpmyadmin|localhost|UPDATE|G</Grants>
</schema>
<schema id="327" parent="1" name="id">
<Current>1</Current>
<IntrospectionTimestamp>2023-11-16.19:58:39</IntrospectionTimestamp>
<LocalIntrospectionTimestamp>2023-11-16.19:58:50</LocalIntrospectionTimestamp>
<LastIntrospectionLocalTimestamp>2023-11-16.19:58:50</LastIntrospectionLocalTimestamp>
<CollationName>utf8mb4_general_ci</CollationName>
</schema>
<schema id="328" parent="1" name="phpmyadmin">

4
.idea/id.iml
View file

@ -19,6 +19,10 @@
<excludeFolder url="file://$MODULE_DIR$/vendor/erusev/parsedown" />
<excludeFolder url="file://$MODULE_DIR$/vendor/erusev/parsedown-extra" />
<excludeFolder url="file://$MODULE_DIR$/vendor/kornrunner/blurhash" />
<excludeFolder url="file://$MODULE_DIR$/vendor/guzzlehttp/guzzle" />
<excludeFolder url="file://$MODULE_DIR$/vendor/guzzlehttp/promises" />
<excludeFolder url="file://$MODULE_DIR$/vendor/psr/http-client" />
<excludeFolder url="file://$MODULE_DIR$/vendor/resend/resend-php" />
</content>
<orderEntry type="inheritedJdk" />
<orderEntry type="sourceFolder" forTests="false" />

4
.idea/php.xml
View file

@ -26,6 +26,10 @@
<path value="$PROJECT_DIR$/vendor/erusev/parsedown" />
<path value="$PROJECT_DIR$/vendor/erusev/parsedown-extra" />
<path value="$PROJECT_DIR$/vendor/kornrunner/blurhash" />
<path value="$PROJECT_DIR$/vendor/guzzlehttp/guzzle" />
<path value="$PROJECT_DIR$/vendor/guzzlehttp/promises" />
<path value="$PROJECT_DIR$/vendor/resend/resend-php" />
<path value="$PROJECT_DIR$/vendor/psr/http-client" />
</include_path>
</component>
<component name="PhpProjectSharedConfiguration" php_language_level="8.1" />

2
account.php
View file

@ -78,7 +78,7 @@ if (isset($message )) {
<div id="wrapper">
<div id="profile">
<img src="<?= get_avatar_url($user['id']); ?>">
<img src="<?= get_gravatar_url($user['email']); ?>">
<div class="details">
<span class="displayname"><?= $user['display_name'] ?></span>
<span class="bcid"><?= format_bcid($user['id']); ?></span>

65
accounts_handler.php
View file

@ -25,9 +25,12 @@ function get_avatar_url($bcid):string {
}
function get_display_name($bcid, $use_bcid_fallback=true):string {
function get_display_name($bcid, $use_bcid_fallback=true, $put_bcid_in_parenthesis=false):string {
$display_name = db_execute("SELECT display_name FROM accounts WHERE id = ?", [$bcid])['display_name'];
if (!empty($display_name)) {
if ($put_bcid_in_parenthesis) {
return $display_name . " ($bcid)";
}
return $display_name;
}
@ -38,6 +41,66 @@ function get_display_name($bcid, $use_bcid_fallback=true):string {
return "";
}
// Tokens so apps can get VERY BASIC information
function generate_basic_access_token($bcid): array
{
// Returns an access token, a refresh token and an expiry timestamp.
$access_token = md5(uniqid(more_entropy: true).rand(1000000, 9999999));
$refresh_token = md5(uniqid("rfish").rand(1000000, 9999999));
$valid_time = 12; // in hours
$expiry = time() + ($valid_time * 60 * 60);
// echo $access_token . ":" . $refresh_token;
db_execute(
"INSERT INTO tokens (access_token, refresh_token, expiry, owner_id) VALUES (?,?,?,?)",
[$access_token, $refresh_token, $expiry, $bcid]
);
return [
"access" => $access_token,
"refresh" => $refresh_token,
"expiry" => $expiry,
"id" => $bcid
];
}
function generate_cookie_access_token($bcid) {
$access_token = md5(uniqid(prefix: "COOKIECOOKIECOOKIE", more_entropy: true).rand(1000000, 9999999));
$valid_time = 365 * 24; // 1 year
$expiry = time() + ($valid_time * 60 * 60);
// echo $access_token . ":" . $refresh_token;
db_execute(
"INSERT INTO tokens (access_token, expiry, owner_id, type) VALUES (?,?,?,'cookie')",
[$access_token, $expiry, $bcid]
);
return [
"access" => $access_token,
"expiry" => $expiry,
"id" => $bcid
];
}
function validate_access_token($access_token): bool
{
$token_details = db_execute("SELECT * FROM tokens WHERE access_token = ?", [$access_token]);
if (null == $token_details) {
return false;
}
if (time() > $token_details['expiry']) {
db_execute("DELETE FROM tokens where access_token = ?", [$access_token]);
return false;
}
return true;
}
// Password resets
const PASSWORD_RESET_VALIDITY = 300; // in seconds.
function create_password_reset($bcid):string {

7
admin_apps_create.php
View file

@ -13,7 +13,7 @@ function check_app_id($app_id): bool
if ($_SERVER['REQUEST_METHOD'] == "POST") {
$app_id = generate_app_id();
db_execute("INSERT INTO apps (id, owner_id, title, description) VALUES (?, ?, ?, ?)", [$app_id, $_POST['owner'], $_POST['title'], $_POST['description']]);
db_execute("INSERT INTO apps (id, owner_id, title, description, type) VALUES (?, ?, ?, ?, ?)", [$app_id, $_POST['owner'], $_POST['title'], $_POST['description'], $_POST['type']]);
die();
}
@ -35,5 +35,10 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
}
?>
</select>
<label for="type">App type</label>
<select name="type" id="type">
<option value="null">None</option>
<option value="basic_login">Basic login</option>
</select>
<button type="submit">Create app</button>
</form>

67
admin_initdatabase.php
View file

@ -12,7 +12,9 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
created_date date default current_timestamp() not null,
display_name text null,
password text not null,
verified tinyint(1) not null,
verified tinyint(1) default 0 not null,
has_pfp tinyint(1) default 0 not null,
is_admin tinyint(1) default 0 not null,
constraint email
unique (email) using hash
);');
@ -23,7 +25,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
echo('<p>An error occurred: '. $e->getMessage() .'. Will skip. (Most likely the table already exists.)');
}
echo '<p>Create the `password_resets` table</p>';
echo '<p>Create the `password_resets` table';
$stmt = $pdo->prepare('create table password_resets
(
id int auto_increment
@ -33,11 +35,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
expiration int not null,
constraint password_resets_ibfk_1
foreign key (owner_id) references accounts (id)
);
create index owner_id
on password_resets (owner_id);
');
);');
try {
$stmt->execute();
@ -45,13 +43,66 @@ create index owner_id
echo('<p>An error occurred: '. $e->getMessage() .'. Most likely this is already set.');
}
echo '<p>Create the `apps` table';
try {
db_execute('create table apps (
id int auto_increment
primary key,
owner_id varchar(7) not null,
title text not null,
description text,
image text default "https://id.byecorps.com/assets/default.png" not null,
type text null,
callback text null,
constraint apps_ibfk_1
foreign key (owner_id) references accounts (id)
);');
} catch (PDOException $e) {
echo('<p>An error occurred: '. $e->getMessage() .'. Most likely this is already set.');
}
echo '<p>Create the `badges` table';
try {
db_execute('create table badges (
id int auto_increment
primary key,
app_id int not null,
title text not null,
description text,
image text default "https://id.byecorps.com/assets/default.png" not null,
constraint badges_ibfk_1
foreign key (app_id) references apps (id)
);');
} catch (PDOException $e) {
echo('<p>An error occurred: '. $e->getMessage() .'. Most likely this is already set.');
}
echo '<p>Create the `profiles` table';
try {
db_execute('create table profiles (
id varchar(7)
primary key,
description text null,
public_avatar tinyint(1) default 0,
public_display_name tinyint(1) default 0,
constraint profiles_ibfk_1
foreign key (id) references accounts (id)
);');
} catch (PDOException $e) {
echo('<p>An error occurred: '. $e->getMessage() .'. Most likely this is already set.');
}
echo "<p>Database initialised.</p>";
}
}
?>
<h2 class="subheading">Admin</h2>
<h1>Init database</h1>
<p>Assuming you have the database config configured, you can click this button to create the tables required for this thing to function.</p>

29
admin_purge.php Normal file
View file

@ -0,0 +1,29 @@
<?php
if ($_SERVER['REQUEST_METHOD'] == "POST") {
if ($_POST['purge'] == 'purge') {
db_execute("DELETE FROM `password_resets` WHERE expiration < ?", [time()]);
db_execute("DELETE FROM `tokens` WHERE expiry < ?", [time()]);
}
}
$expired_password_resets = db_execute("SELECT * FROM `password_resets` WHERE expiration < ?", [time()]);
$expired_tokens = db_execute("SELECT * FROM `tokens` WHERE expiry < ?", [time()]);
?>
<h1>Purge</h1>
<form method="post">
<p>
<button name="purge" value="purge" type="submit" class="primary">Purge</button>
</p>
</form>
<h2>Expired password resets</h2>
<pre><?php print_r($expired_password_resets) ?></pre>
<h2>Expired Login tokens</h2>
<pre><?php print_r($expired_tokens) ?></pre>

117
api_handler.php Normal file
View file

@ -0,0 +1,117 @@
<?php
$output_format = "json";
header('Content-type: application/json');
if (array_key_exists('HTTP_AUTHORIZATION', $_SERVER)) {
$access_token = str_replace("Bearer ", "", $_SERVER['HTTP_AUTHORIZATION']);
}
if (!empty($access_token)) {
// Check who the access token belongs to
$token = db_execute("SELECT * FROM tokens WHERE access_token = ?", [$access_token]);
// if the token doesn't exist...
if (empty($token)) {
$invalid_token = true; // We won't tell this to the end-user immediately because I'd prefer to tell them about
// 404 first.
} else {
$token_owner = $token['owner_id'];
}
}
function check_authorisation($token): int
{
// Validate token
if (!validate_access_token($token)) {
return 0; // Unauthorised
}
// Check the type of token
$token_row = db_execute("SELECT * FROM tokens WHERE access_token = ?", [$token]);
if (null == $token_row) {
return 0;
}
return match ($token_row['type']) {
"basic" => 1,
default => 0,
};
}
// Misc (unauthorised)
function redirect_to_documentation(): void
{
header('Location: /docs/api');
}
// Health check
function api_health_check(): array
{
return ["message" => "Science compels us to explode the sun!", "time" => time(), "response_code" => 200];
}
// User (REQUIRES AUTHORISATION)
function api_user_info() {
global $access_token, $token_owner;
// Authorisation levels:
// `display_name` = 1 (basic)
// `id` = 1 (basic)
// `email` = 1 (basic)
$level = check_authorisation($access_token);
$data = null;
if ($level == 1) {
$data = db_execute("SELECT id, email, display_name FROM accounts WHERE id = ? LIMIT 1", [$token_owner]);
}
if (null != $data) {
return [
"response_code" => 200,
"id" => $data['id'],
"email" => $data['email'],
"display_name" => $data['display_name']
];
}
http_response_code(401);
return [
"response_code" => 401,
"message" => "Unauthorized."
];
}
$api_routes = [ // base url is base_url.'/api'
// "/path" => "function_name"
// Misc
"" => "redirect_to_documentation",
"/status" => "api_health_check",
// Account stuff
"/account/me" => "api_user_info"
];
$path = str_replace("/api", "", $path);
if (isset($api_routes[$path])) {
if (isset($invalid_token)) {
http_response_code(498);
echo (json_encode([
"response_code" => "498",
"message" => "Token expired or invalid."
]));
}
echo json_encode($api_routes[$path]());
} else {
http_response_code(404);
echo (json_encode([
"response_code" => "404",
"message" => "Route not found."
]));
}

6
assets/bcid.svg Normal file
View file

@ -0,0 +1,6 @@
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 -0.5 32 32" shape-rendering="crispEdges">
<metadata>Made with Pixels to Svg https://codepen.io/shshaw/pen/XbxvNj</metadata>
<path stroke="#cbdbfc" d="M2 4h28M2 5h1M29 5h1M0 6h3M29 6h3M0 7h1M31 7h1M0 8h1M31 8h1M0 9h1M31 9h1M0 10h1M31 10h1M0 11h1M31 11h1M0 12h1M31 12h1M0 13h1M31 13h1M0 14h1M31 14h1M0 15h1M31 15h1M0 16h1M31 16h1M0 17h1M31 17h1M0 18h1M31 18h1M0 19h1M31 19h1M0 20h1M31 20h1M0 21h1M31 21h1M0 22h1M31 22h1M0 23h1M31 23h1M0 24h1M31 24h1M0 25h3M29 25h3M2 26h1M29 26h1M2 27h28" />
<path stroke="#ffffff" d="M3 5h26M3 6h26M1 7h30M1 8h30M1 9h30M1 10h6M8 10h1M10 10h6M21 10h1M25 10h6M1 11h7M9 11h9M19 11h3M23 11h2M26 11h5M1 12h6M12 12h6M19 12h3M23 12h2M26 12h5M1 13h6M12 13h6M19 13h3M23 13h2M26 13h5M1 14h6M12 14h6M19 14h3M23 14h2M26 14h5M1 15h6M12 15h6M19 15h3M23 15h2M26 15h5M1 16h15M21 16h1M25 16h6M1 17h6M12 17h19M1 18h5M13 18h18M1 19h5M13 19h3M24 19h1M26 19h5M1 20h5M13 20h18M1 21h5M13 21h3M17 21h1M21 21h1M26 21h5M1 22h30M1 23h30M1 24h30M3 25h26M3 26h26" />
<path stroke="#000000" d="M7 10h1M9 10h1M16 10h5M22 10h3M8 11h1M18 11h1M22 11h1M25 11h1M7 12h5M18 12h1M22 12h1M25 12h1M7 13h5M18 13h1M22 13h1M25 13h1M7 14h5M18 14h1M22 14h1M25 14h1M7 15h5M18 15h1M22 15h1M25 15h1M16 16h5M22 16h3M7 17h5M6 18h7M6 19h7M16 19h8M25 19h1M6 20h7M6 21h7M16 21h1M18 21h3M22 21h4" />
</svg>
Side by side

After

Width:  |  Height:  |  Size: 1.3 KiB

BIN
assets/default.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 1.2 KiB

3
composer.json
View file

@ -1,9 +1,8 @@
{
"require": {
"sentry/sdk": "^4.0",
"phpmailer/phpmailer": "^6.8",
"erusev/parsedown": "^1.7",
"erusev/parsedown-extra": "^0.8.1",
"kornrunner/blurhash": "^1.2"
"resend/resend-php": "^0.11.0"
}
}

320
composer.lock generated
View file

@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
"content-hash": "9baad85ecd1e18878c3fe588203305a1",
"content-hash": "7cbb1a410be00f937b47c45077c89f9a",
"packages": [
{
"name": "erusev/parsedown",
@ -107,6 +107,215 @@
},
"time": "2019-12-30T23:20:37+00:00"
},
{
"name": "guzzlehttp/guzzle",
"version": "7.8.1",
"source": {
"type": "git",
"url": "https://github.com/guzzle/guzzle.git",
"reference": "41042bc7ab002487b876a0683fc8dce04ddce104"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/guzzle/guzzle/zipball/41042bc7ab002487b876a0683fc8dce04ddce104",
"reference": "41042bc7ab002487b876a0683fc8dce04ddce104",
"shasum": ""
},
"require": {
"ext-json": "*",
"guzzlehttp/promises": "^1.5.3 || ^2.0.1",
"guzzlehttp/psr7": "^1.9.1 || ^2.5.1",
"php": "^7.2.5 || ^8.0",
"psr/http-client": "^1.0",
"symfony/deprecation-contracts": "^2.2 || ^3.0"
},
"provide": {
"psr/http-client-implementation": "1.0"
},
"require-dev": {
"bamarni/composer-bin-plugin": "^1.8.2",
"ext-curl": "*",
"php-http/client-integration-tests": "dev-master#2c025848417c1135031fdf9c728ee53d0a7ceaee as 3.0.999",
"php-http/message-factory": "^1.1",
"phpunit/phpunit": "^8.5.36 || ^9.6.15",
"psr/log": "^1.1 || ^2.0 || ^3.0"
},
"suggest": {
"ext-curl": "Required for CURL handler support",
"ext-intl": "Required for Internationalized Domain Name (IDN) support",
"psr/log": "Required for using the Log middleware"
},
"type": "library",
"extra": {
"bamarni-bin": {
"bin-links": true,
"forward-command": false
}
},
"autoload": {
"files": [
"src/functions_include.php"
],
"psr-4": {
"GuzzleHttp\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Graham Campbell",
"email": "hello@gjcampbell.co.uk",
"homepage": "https://github.com/GrahamCampbell"
},
{
"name": "Michael Dowling",
"email": "mtdowling@gmail.com",
"homepage": "https://github.com/mtdowling"
},
{
"name": "Jeremy Lindblom",
"email": "jeremeamia@gmail.com",
"homepage": "https://github.com/jeremeamia"
},
{
"name": "George Mponos",
"email": "gmponos@gmail.com",
"homepage": "https://github.com/gmponos"
},
{
"name": "Tobias Nyholm",
"email": "tobias.nyholm@gmail.com",
"homepage": "https://github.com/Nyholm"
},
{
"name": "Márk Sági-Kazár",
"email": "mark.sagikazar@gmail.com",
"homepage": "https://github.com/sagikazarmark"
},
{
"name": "Tobias Schultze",
"email": "webmaster@tubo-world.de",
"homepage": "https://github.com/Tobion"
}
],
"description": "Guzzle is a PHP HTTP client library",
"keywords": [
"client",
"curl",
"framework",
"http",
"http client",
"psr-18",
"psr-7",
"rest",
"web service"
],
"support": {
"issues": "https://github.com/guzzle/guzzle/issues",
"source": "https://github.com/guzzle/guzzle/tree/7.8.1"
},
"funding": [
{
"url": "https://github.com/GrahamCampbell",
"type": "github"
},
{
"url": "https://github.com/Nyholm",
"type": "github"
},
{
"url": "https://tidelift.com/funding/github/packagist/guzzlehttp/guzzle",
"type": "tidelift"
}
],
"time": "2023-12-03T20:35:24+00:00"
},
{
"name": "guzzlehttp/promises",
"version": "2.0.2",
"source": {
"type": "git",
"url": "https://github.com/guzzle/promises.git",
"reference": "bbff78d96034045e58e13dedd6ad91b5d1253223"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/guzzle/promises/zipball/bbff78d96034045e58e13dedd6ad91b5d1253223",
"reference": "bbff78d96034045e58e13dedd6ad91b5d1253223",
"shasum": ""
},
"require": {
"php": "^7.2.5 || ^8.0"
},
"require-dev": {
"bamarni/composer-bin-plugin": "^1.8.2",
"phpunit/phpunit": "^8.5.36 || ^9.6.15"
},
"type": "library",
"extra": {
"bamarni-bin": {
"bin-links": true,
"forward-command": false
}
},
"autoload": {
"psr-4": {
"GuzzleHttp\\Promise\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Graham Campbell",
"email": "hello@gjcampbell.co.uk",
"homepage": "https://github.com/GrahamCampbell"
},
{
"name": "Michael Dowling",
"email": "mtdowling@gmail.com",
"homepage": "https://github.com/mtdowling"
},
{
"name": "Tobias Nyholm",
"email": "tobias.nyholm@gmail.com",
"homepage": "https://github.com/Nyholm"
},
{
"name": "Tobias Schultze",
"email": "webmaster@tubo-world.de",
"homepage": "https://github.com/Tobion"
}
],
"description": "Guzzle promises library",
"keywords": [
"promise"
],
"support": {
"issues": "https://github.com/guzzle/promises/issues",
"source": "https://github.com/guzzle/promises/tree/2.0.2"
},
"funding": [
{
"url": "https://github.com/GrahamCampbell",
"type": "github"
},
{
"url": "https://github.com/Nyholm",
"type": "github"
},
{
"url": "https://tidelift.com/funding/github/packagist/guzzlehttp/promises",
"type": "tidelift"
}
],
"time": "2023-12-03T20:19:20+00:00"
},
{
"name": "guzzlehttp/psr7",
"version": "2.6.1",
@ -410,6 +619,58 @@
],
"time": "2023-08-29T08:26:30+00:00"
},
{
"name": "psr/http-client",
"version": "1.0.3",
"source": {
"type": "git",
"url": "https://github.com/php-fig/http-client.git",
"reference": "bb5906edc1c324c9a05aa0873d40117941e5fa90"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/php-fig/http-client/zipball/bb5906edc1c324c9a05aa0873d40117941e5fa90",
"reference": "bb5906edc1c324c9a05aa0873d40117941e5fa90",
"shasum": ""
},
"require": {
"php": "^7.0 || ^8.0",
"psr/http-message": "^1.0 || ^2.0"
},
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "1.0.x-dev"
}
},
"autoload": {
"psr-4": {
"Psr\\Http\\Client\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "PHP-FIG",
"homepage": "https://www.php-fig.org/"
}
],
"description": "Common interface for HTTP clients",
"homepage": "https://github.com/php-fig/http-client",
"keywords": [
"http",
"http-client",
"psr",
"psr-18"
],
"support": {
"source": "https://github.com/php-fig/http-client"
},
"time": "2023-09-23T14:17:50+00:00"
},
{
"name": "psr/http-factory",
"version": "1.0.2",
@ -612,6 +873,63 @@
},
"time": "2019-03-08T08:55:37+00:00"
},
{
"name": "resend/resend-php",
"version": "v0.11.0",
"source": {
"type": "git",
"url": "https://github.com/resend/resend-php.git",
"reference": "31ec02fc2d16b3badc10612289a3325afe68147c"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/resend/resend-php/zipball/31ec02fc2d16b3badc10612289a3325afe68147c",
"reference": "31ec02fc2d16b3badc10612289a3325afe68147c",
"shasum": ""
},
"require": {
"guzzlehttp/guzzle": "^7.5",
"php": "^8.1.0"
},
"require-dev": {
"friendsofphp/php-cs-fixer": "^3.13",
"mockery/mockery": "^1.6",
"pestphp/pest": "^2.0"
},
"type": "library",
"autoload": {
"files": [
"src/Resend.php"
],
"psr-4": {
"Resend\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Resend and contributors",
"homepage": "https://github.com/resend/resend-php/contributors"
}
],
"description": "Resend PHP library.",
"homepage": "https://resend.com/",
"keywords": [
"api",
"client",
"php",
"resend",
"sdk"
],
"support": {
"issues": "https://github.com/resend/resend-php/issues",
"source": "https://github.com/resend/resend-php/tree/v0.11.0"
},
"time": "2024-02-01T18:06:15+00:00"
},
{
"name": "sentry/sdk",
"version": "4.0.0",

0
credits.html → credits.php
View file

7
docs/hosting/errors.md Normal file
View file

@ -0,0 +1,7 @@
# Errors
Here's all the error codes and what they mean.
| Error Code | Explanation |
|-----------:|:----------------------------|
| 12 | A generic error explaing something went wrong adding a password reset

34
forgot_password.php
View file

@ -1,7 +1,4 @@
<?php
use PHPMailer\PHPMailer\SMTP;
use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\Exception;
if ($_SESSION['auth']) {
header('Location: /account');
@ -29,29 +26,20 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
$safe_display_name = $user['display_name'];
}
$mail = new PHPMailer();
try {
//Server settings
// $mail->SMTPDebug = SMTP::DEBUG_SERVER; Verbose output
$mail->isSMTP(); //Send using SMTP
$mail->Host = MAIL_HOST; //Set the SMTP server to send through
$mail->SMTPAuth = true; //Enable SMTP authentication
$mail->Username = MAIL_USERNAME; //SMTP username
$mail->Password = MAIL_PASSWORD; //SMTP password
$mail->SMTPSecure = PHPMailer::ENCRYPTION_SMTPS; //Enable implicit TLS encryption
$mail->Port = 465;
$mail->setFrom('id@byecorps.com', 'ByeCorps ID');
$mail->addAddress($user['email'], $safe_display_name);
$mail->addReplyTo('hello@byecorps.com', 'ByeCorps Support');
$mail->Subject = 'Reset your password';
$mail->Body = 'Hey there '.$safe_display_name.'! Here is that password reset you requested. Just click the following link and you\'ll be sorted:
$resend->emails->send([
'from' => 'ByeCorps ID <noreply@id.byecorps.com>',
'to' => [$safe_display_name . "<" . $user['email']. ">"],
'subject' => 'Reset your password',
'text' => 'Hey there '.$safe_display_name.'! Here is that password reset you requested. Just click the following link and you\'ll be sorted:
'.$password_reset_link.'
This link expires in 5 minutes.';
$mail->send();
This link expires in 5 minutes.
If you did not request this password reset, please ignore it (or tighten your account\'s security)']);
// echo("<a href='$password_reset_link'>This is a security issue.</a>");
} catch (Exception $e) {
echo "Message could not be sent. Mailer Error: {$mail->ErrorInfo}";
}
@ -65,7 +53,7 @@ This link expires in 5 minutes.';
<?php if(isset($message)) echo "<p>".$message."</p>"; ?>
<p>Forgot your password? We'll send you an email to reset it.</p>
<p>Forgot your password? We'll email you to reset it.</p>
<form method="post">
<input placeholder="a.dent@squornshellous.cloud" name="email" id="email" type="email">

103
index.php
View file

@ -3,37 +3,45 @@ require_once __DIR__ . '/vendor/autoload.php';
session_start();
use kornrunner\Blurhash\Blurhash;
if (empty($_SESSION)) {
$_SESSION['auth'] = false;
}
include("config.php");
include "config.php";
// MySQL
$pdo = new PDO(DB_DSN, DB_USERNAME, DB_PASSWORD, PDO_OPTIONS);
// Email
if (defined("RESEND_API_KEY")) {
$resend = Resend::client(RESEND_API_KEY);
}
include("time_handler.php");
require "misc_functions.php";
require "database.php";
include("time_handler.php");
include("id_handler.php");
include("accounts_handler.php");
if ($_SESSION['auth']) {
$user = db_execute("SELECT * FROM `accounts` WHERE id = ? LIMIT 1", [$_SESSION['id']]);
// Attempt to log the user in using their cookie if auth isn't set.
if (!$_SESSION['auth']) {
if (key_exists('keep_me_logged_in', $_COOKIE)) {
if (validate_access_token($_COOKIE['keep_me_logged_in'])) {
// Work out who the key belongs to
$cookie_owner = db_execute("SELECT * FROM tokens WHERE access_token = ?", [$_COOKIE['keep_me_logged_in']]);
if ($cookie_owner['type'] != "cookie") {
setcookie('keep_me_logged_in', '', time()-3600);
goto skip_cookie;
}
$_SESSION['auth'] = true;
$_SESSION['id'] = $cookie_owner['owner_id'];
} else {
setcookie('keep_me_logged_in', '', time()-3600);
}
}
}
\Sentry\init([
'dsn' => SENTRY_DSN,
// Specify a fixed sample rate
'traces_sample_rate' => 1.0,
// Set a sampling rate for profiling - this is relative to traces_sample_rate
'profiles_sample_rate' => 1.0,
]);
function does_variable_exists( $variable ) {
return (isset($$variable)) ? "true" : "false";
}
skip_cookie:
$host_string = $_SERVER['HTTP_HOST'];
$host = explode('.', $host_string);
@ -45,6 +53,45 @@ if (str_ends_with($path,'/') && $path != "/") {
exit;
}
$uri = array_values(array_filter(explode('/', $uri_string)));
try {
if ($_SESSION['auth']) {
$user = db_execute("SELECT * FROM `accounts` WHERE id = ? LIMIT 1", [$_SESSION['id']]);
if (!$user) {
// Account doesn't exist. Log the user out.
// We won't redirect to the logout endpoint because if this is going off there's something
// broken anyway.
session_destroy();
die("Your session was invalid so we've logged you out.");
}
}
}
catch (Exception) {
echo('<header>Database is broken. Please tell an admin.</header>');
if ($uri_string == "/admin/init/database") { // Allows access to this page even if user doesn't have admin rights
// because you can't check the rights.
echo "<main>";
include "admin_initdatabase.php";
die ("</main>");
}
}
if (defined("SENTRY_DSN")) {
\Sentry\init([
'dsn' => SENTRY_DSN,
// Specify a fixed sample rate
'traces_sample_rate' => 1.0,
// Set a sampling rate for profiling - this is relative to traces_sample_rate
'profiles_sample_rate' => 1.0,
]);
}
function does_variable_exists( $variable ) {
return (isset($$variable)) ? "true" : "false";
}
if(isset($query_string[1])) {
$uri_string = $query_string[0];
@ -65,11 +112,13 @@ $include = "404.html";
$paths = array(
"/" => ["landing.php"],
"/admin" => ['admin.php'],
"/admin/init/database" => ["admin_initdatabase.php"],
"/admin/list/accounts" => ["admin_accounts.php"],
"/admin/list/apps" => ["admin_apps.php"],
"/admin/create/app" => ["admin_apps_create.php"],
"/admin/purge" => ["admin_purge.php"],
"/account" => ["account.php", "Your account"],
"/signin" => ["signin.php", "Sign in"],
@ -79,10 +128,19 @@ $paths = array(
"/admin/signinas" => ["signinas.php"],
"/reset/password" => ["reset_password.php", "Reset password"],
"/docs" => ["docs.php", "Docs"],
"/credits" => ["credits.html", "Credits"],
"/credits" => ["credits.php", "Credits"],
"/profile" => ["profile.php", "Profile"],
"/signin/external/basic" => ["login_external_basic.php"]
);
if (!empty($uri) ) { // Go to jail. Go directly to jail. Do not pass Go.
if ($uri[0] == "api") {
include("api_handler.php");
exit(); // fuck this shit i'm out
}
}
if (isset($paths[$path])) {
$include = $paths[$path][0];
if (isset($paths[$path][1])) {
@ -95,6 +153,10 @@ else {
http_response_code(404);
}
if ($include == "login_external_basic.php") {
goto skip_formalities;
}
?>
<!DOCTYPE html>
@ -116,14 +178,15 @@ else {
if ($uri[0] == "admin" && !$user['is_admin']) {
http_response_code(401);
die("<img src='https://http.cat/401.jpg'>");
die("<img src='https://http.cat/401.jpg' alt='A cat standing in front of a door with a No Cats Allowed sign on it.' />");
}
if ($uri[0] == "docs") {
$include = "docs.php";
}
}
skip_formalities:
include($include); ?>
</main>
<?php include("footer.php"); ?>

2
landing.php
View file

@ -1,6 +1,6 @@
<div class="hero">
<div class="hero-text">
<img src="https://byecorps.b-cdn.net/id/bcid.svg" alt="ByeCorps ID Logo" class="logo">
<img src="/assets/bcid.svg" alt="ByeCorps ID Logo" class="logo">
<h1><span class="bc-1">Bye</span><span class="bc-2">Corps</span><span class="bc-3"> ID</span></h1>
<p>Log into ByeCorps and beyond with a single ID.</p>
<!-- <p><input type="email" name="loginEmail" id="loginEmail" placeholder="Email" /></p> -->

147
login_external_basic.php Normal file
View file

@ -0,0 +1,147 @@
<?php
// Disable warnings lol
error_reporting(E_ALL ^ E_WARNING);
// Determine the app we are dealing with.
$flash = "";
$error = "";
if (null != $query['appid']) {
$app_id = $query['appid'];
} else {
$error = ["No app ID specified.", 200];
goto login;
}
$app = db_execute("SELECT * FROM apps WHERE id = ? LIMIT 1", [$app_id]);
$doc_title = "Sign in to " . $app['title'];
// Lets check that the callback matches the app...
if (null == $query['callback']) {
$disable_logging_in = true;
$error = ["No callback URL.", 400];
goto login;
}
if ($query['callback'] != $app['callback']) {
$disable_logging_in = true;
$error = ["Callback URL doesn't match our records.", 400];
goto login;
}
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
// Here's a few easy steps to figure out if we should give the other party a token or not.
print_r($_POST);
// First: match the session ids. If they aren't the same it's probably Not Ok.
if (session_id() != $_POST['sessionid']) {
echo "<h1>401 Unauthorised</h1><p>You are not permitted to view this content.</p>";
exit(401);
}
// Now let's determine if we're logged in or not. We can use the session for this, and verify using the
// `bcid` value (which only appears if youre logged in!!!)
if ($_SESSION['auth']) {
if (null == $_POST['bcid'] || $_SESSION['id'] != $_POST['bcid']) {
// Both of these suggest tampering,
// let's log the user out and throw an error.
$_SESSION['auth'] = false;
$_SESSION['id'] = null;
$flash = "Sorry, something went wrong. Please sign in again.";
goto login;
}
}
else { // of course, there's also the case that you WERENT logged in. Let's verify if you're logged in or not.
$user_db_version = db_execute("SELECT * FROM accounts WHERE email = ?", [$_POST['email']]);
if (!password_verify($_POST['password'], $user_db_version['password']) || null == $user_db_version) {
// INCORRECT PASSWORD!!!!
// or the account doesn't exist. we don't care either way.
$flash = "Incorrect email or password.";
} else {
// if it's correct, we'll still force them to click log in again anyway. I'll also be nice and set the
// cookies properly.
$_SESSION['id'] = $user_db_version['id'];
$_SESSION['auth'] = true;
$user = $user_db_version;
goto login;
}
}
// The following gets run assuming we know the client is the one CLICKING the button.
$tokens = generate_basic_access_token($_POST['bcid']);
header('Location: '. $_POST['callback'].'?access_token='.$tokens['access'].'&refresh='.$tokens['refresh']
.'&expiry='.$tokens['expiry']);
exit();
}
login:
?>
<!DOCTYPE html>
<html>
<head>
<?php include ("head.php"); ?>
</head>
<body>
<?php include("header.php"); ?>
<main>
<div id="loginform">
<?php if ("" != $error) {goto error_no_app;} ?>
<h1>Sign into <?= $app['title'] ?></h1>
<p class="subtitle">Owned by <strong><?= get_display_name($app['owner_id'], put_bcid_in_parenthesis: true) ?></strong></p>
<p><?= $app['description'] ?></p>
<?php
error_no_app:
if ($error) {
http_response_code($error[1]);
echo "
<div class='error center'>
<span class='fa-regular fa-2xl center fa-xmark-circle'></span>
<h2>Something went wrong!</h2>
<p>Server returned error:<br /><code>$error[0]</code> (HTTP response code $error[1])</p>
</div>
";
goto dont_show_form;
}
?>
<p><strong><?= $app['title'] ?></strong> uses ByeCorps ID for authentication.</p>
<p>Please double-check the information and avoid signing in with your BCID if you do not trust this app.</p>
<p>Please confirm that you'd like to sign into <strong><?= $app['title'] ?></strong>.</p>
<?php
if (null != $flash) {
echo "<p class='flash'>$flash</p>";
} else {
echo "<br />";
}
?>
<form class="login" method="post" action="">
<input type="hidden" name="sessionid" value="<?= session_id() ?>" />
<?php if ($_SESSION['auth'])
{ $bcid = $user['id']; echo "<input type='hidden' name='bcid' value='$bcid' />";
echo "<p class='subtitle'>You are signed in as ". get_display_name($_SESSION['id'],
put_bcid_in_parenthesis: true) . ". <a>Not you?</a>.";
goto signedin; } ?>
<p class="subtitle">You will need to sign in first.</p>
<input type="email" autocomplete="email" name="email" id="email" placeholder="Email" />
<input type="password" name="password" id="password" placeholder="Password" />
<?php signedin: ?>
<button class="primary" type="submit">Sign into <?= $app['title']; ?></button>
<button class="secondary" type="reset">GET ME OUT OF HERE</button>
<p class="subtitle center">
You will be brought to <strong><?= $query['callback'] ?></strong>.
<br /><?= $app['title'] ?> will be able to see your email and display name.
</p>
<input type="hidden" name="callback" value="<?= $query['callback'] ?>" />
</form>
<?php dont_show_form: ?>
</div>

44
signin.php
View file

@ -25,14 +25,20 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (password_verify($password, $user["password"])) {
$_SESSION["id"] = $user["id"];
$_SESSION["auth"] = true;
//
// print_r($_POST);
// echo(is_string($_POST['keep_logged_in']));
if ($_POST['keep_logged_in'] == "on") {
$token = generate_cookie_access_token($user['id']);
// print_r($token);
setcookie("keep_me_logged_in", $token['access']);
}
//
if (isset($query['callback'])) {
header("Location: ".$query['callback']);
} else {
header("Location: /profile");
// echo "<pre>";
// var_dump($user);
// var_dump($_SESSION);
// die();
}
exit;
@ -44,17 +50,21 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
?>
<h2>Sign in to ByeCorps ID</h2>
<?php
if (isset($message)) {
echo "<div class='flash'>$message</div>";
}?>
<form method="post">
<input type="email" name="email" id="email" placeholder="Email">
<input type="password" name="password" id="password" placeholder="Password">
<button type="submit">Sign in</button>
</form>
<div id="loginform">
<h2>Sign in to ByeCorps ID</h2>
<?php
if (isset($message)) {
echo "<div class='flash'>$message</div>";
}?>
<form class="login" method="post">
<input type="email" name="email" id="email" placeholder="Email" />
<input type="password" name="password" id="password" placeholder="Password" />
<div class="checkbox"><input type="checkbox" name="keep_logged_in" id="keep_logged_in" />
<label for="keep_logged_in">Keep me logged in (for 365 days)</label></div>
<button class="primary" type="submit">Sign in</button>
</form>
<p class="center">
<a href="/forgot/password">Forgot password?</a> &bull; New? <a href="/register">Register</a> for a ByeCorps ID.
</p>
<p class="center">
<a href="/forgot/password">Forgot password?</a> &bull; New? <a href="/register">Register</a> for a ByeCorps ID.
</p>
</div>

1
signout.php
View file

@ -2,6 +2,7 @@
$_SESSION['id'] = null;
$_SESSION['auth'] = false;
setcookie('keep_me_logged_in', '', time()-3600);
session_destroy();
?>

5
styles/colours.css
View file

@ -101,6 +101,11 @@ input[data-com-onepassword-filled="dark"] {
margin: 0;
}
.flash {
background: var(--red-5);
color: black;
}
@media screen and (prefers-color-scheme: dark) {
html {
background: var(--background-dark, #121212);

5
styles/design.css
View file

@ -46,6 +46,11 @@ input:disabled {
cursor: not-allowed;
}
.flash {
padding: 1rem;
border-radius: 1rem;
}
table {
background-color: var(--grey-2);
width: 100%;

5
styles/layout.css
View file

@ -148,3 +148,8 @@ form {
display: flex;
}
#loginform {
max-width: 500px;
margin: auto;
}

6
styles/types.css
View file

@ -42,6 +42,12 @@ h2.subheading + h1 {
font-family: 'Courier Prime', monospace;
}
p.subtitle {
font-size: 0.9rem;
margin: 0;
opacity: 0.8;
}
.center {
text-align: center;
}