X-Git-Url: http://git.pjr.cc/?a=blobdiff_plain;f=authserver%2Fwww%2Fadmin_actions.php;h=a3511e2c7b5295c92398e535887daf26a266a388;hb=c3c37cd9f486175adf0351de80c19efd02892ca6;hp=d6a224cd5de99dab19084ca43e3b486a20c25fd0;hpb=e2e22b45b14cae630587bc662a8bfcda98b04510;p=ga4php.git
diff --git a/authserver/www/admin_actions.php b/authserver/www/admin_actions.php
index d6a224c..a3511e2 100644
--- a/authserver/www/admin_actions.php
+++ b/authserver/www/admin_actions.php
@@ -10,6 +10,57 @@ else $loggedin = false; if(isset($_REQUEST["action"])) { switch($_REQUEST["action"]) { + case "customtoken": + $ttype = $_REQUEST["tokentype"]; + $tkey = $_REQUEST["tokenkey"]; + $username = $_REQUEST["username"]; + $ret1 = $myAC->setUserTokenType($username, $ttype); + $ret2 = $myAC->setUserToken($username, $tkey); + error_log("got, $ret1, $ret2..."); + break; + case "synctoken": + $username = $_REQUEST["username"]; + $tokenone = $_REQUEST["tokenone"]; + $tokentwo = $_REQUEST["tokentwo"]; + $retval = $myAC->syncUserToken($username, $tokenone, $tokentwo); + error_log("retval: $retval"); + if($retval) { + header("Location: ?message=".urlencode("token synced")); + exit(0); + } else { + header("Location: ?error=".urlencode("token not synced")); + exit(0); + } + + break; + case "recreatehotptoken": + $username = $_REQUEST["username"]; + $myAC->addUser($username, "HOTP"); + header("Location: ?message=".urlencode("seemed to work?")); + break; + case "recreatetotptoken": + $username = $_REQUEST["username"]; + $myAC->addUser($username, "TOTP"); + header("Location: ?message=".urlencode("seemed to work?")); + break; + case "deletetoken": + $username = $_REQUEST["username"]; + $myAC->deleteUserToken($username); + header("Location: ?message=".urlencode("seemed to work?")); + break; + case "edituser": + $username = $_REQUEST["username"]; + if($_REQUEST["original_real"] != $_REQUEST["realname"]) { + $myAC->setUserRealName($username, $_REQUEST["realname"]); + } + if($_REQUEST["password"] != "") { + if($_REQUEST["password"]!=$_REQUEST["password_conf"]) { + header("Location: ?message=confirmfalse"); + } else { + $myAC->setUserPass($username, $_REQUEST["password"]); + } + } + break; case "login": $username = $_REQUEST["username"]; $password = $_REQUEST["password"]; 
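Review bot: None of the added cases (`customtoken`, `synctoken`, `recreatehotptoken`, `recreatetotptoken`, `deletetoken`, `edituser`) consults `$loggedin`, and because `login` is a case of the same `switch`, the switch has to be reachable without a session; as far as the hunk shows, a request without a session can therefore replace or delete a user's token or set a password. A guard before the `switch`, e.g. `if(!$loggedin && $_REQUEST["action"] != "login") { header("Location: admin.php"); exit(0); }`, would close that (widen the exception only for cases that must stay public). The same cases read `$_REQUEST`, so they are also accepted over GET; taking them from `$_POST` together with a per-session token would cover cross-site requests. `edituser`, `deletetoken` and the two `recreate*` cases send a `Location` header without `exit(0)`, so execution continues past the `switch`, whose remainder lies outside this hunk.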
@@ -19,7 +70,7 @@ if(isset($_REQUEST["action"])) { $_SESSION["username"] = $username; header("Location: admin.php"); } else { - header("Location: admin.php?message=loginfail"); + header("Location: admin.php?error=".urlencode("Login Failed")); } exit(0); @@ -32,7 +83,12 @@ if(isset($_REQUEST["action"])) { break; case "createuser": $username = $_REQUEST["username"]; - $myAC->addUser($username); + $users = explode(",",$username); + foreach($users as $user) { + $user = trim($user); + error_log("createing, $user\n"); + if($user != "" && strlen($user)>2) $myAC->addUser($user); + } header("Location: admin.php"); exit(0); break; @@ -57,10 +113,10 @@ if(isset($_REQUEST["action"])) { $myAC->setUserPass($username, ""); break; case "getotkimg": - $otk = $_REQUEST["otk"]; + $username = $_REQUEST["username"]; error_log("requesting otk, $otk"); - $otk_img = $myAC->getOtkPng($otk); + $otk_img = $myAC->getOtkPng($username,$otk); header("Content-type: image/png"); echo $otk_img; exit(0);
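Review bot: The only check on each name before `addUser()` in the `createuser` loop is `strlen($user)>2`, so names with embedded control characters or markup are accepted, and `error_log("createing, $user\n")` writes the raw value before any check, which allows a name containing a line break to produce misleading log entries. Validate first and log afterwards, e.g. `if(!preg_match('/^[A-Za-z0-9._-]{3,64}$/', $user)) continue;` as the first statement of the loop (the exact character set and length are a project decision). `$user != ""` is redundant next to the length test, and rejected names are dropped silently, so the admin gets no hint which entries were not created.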
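Review bot: `$otk` is no longer assigned in the `getotkimg` case: the hunk replaces `$otk = $_REQUEST["otk"];` with the `$username` assignment, yet both `error_log("requesting otk, $otk")` and `getOtkPng($username,$otk)` still read it. Unless it is set somewhere outside the visible lines, the call receives null and PHP reports an undefined variable. Keep the original assignment next to the new one, `$otk = $_REQUEST["otk"];`. Since `otk` presumably is the one-time key that guards the token image, consider leaving its value out of the log line as well.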