authserver/www/admin_actions.php

   1 <?php
   2 require_once("../lib/authClient.php");
   3
   4 $myAC = new GAAuthClient();
   5
   6 session_start();
   7
   8 if(isset($_SESSION["loggedin"])) if($_SESSION["loggedin"]) $loggedin = true;
   9 else $loggedin = false;
  10
  11 if(isset($_REQUEST["action"])) {
  12         switch($_REQUEST["action"]) {
  13                 case "recreatehotptoken":
  14                         $username = $_REQUEST["username"];
  15                         $myAC->addUser($username, "HOTP");
  16                         header("Location: ?message=".urlencode("seemed to work?"));
  17                         break;
  18                 case "recreatetotptoken":
  19                         $username = $_REQUEST["username"];
  20                         $myAC->addUser($username, "TOTP");
  21                         header("Location: ?message=".urlencode("seemed to work?"));
  22                         break;
  23                 case "deletetoken":
  24                         $username = $_REQUEST["username"];
  25                         $myAC->deleteUserToken($username);
  26                         header("Location: ?message=".urlencode("seemed to work?"));
  27                         break;
  28                 case "edituser":
  29                         $username = $_REQUEST["username"];
  30                         if($_REQUEST["original_real"] != $_REQUEST["realname"]) {
  31                                 $myAC->setUserRealName($username, $_REQUEST["realname"]);
  32                         }
  33                         if($_REQUEST["password"] != "") {
  34                                 if($_REQUEST["password"]!=$_REQUEST["password_conf"]) {
  35                                         header("Location: ?message=confirmfalse");
  36                                 } else {
  37                                         $myAC->setUserPass($username, $_REQUEST["password"]);
  38                                 }
  39                         }
  40                         break;
  41                 case "login":
  42                         $username = $_REQUEST["username"];
  43                         $password = $_REQUEST["password"];
  44
  45                         if($myAC->authUserPass($username, $password)) {
  46                                 $_SESSION["loggedin"] = true;
  47                                 $_SESSION["username"] = $username;
  48                                 header("Location: admin.php");
  49                         } else {
  50                                 header("Location: admin.php?error=".urlencode("Login Failed"));
  51                         }
  52
  53                         exit(0);
  54                         break;
  55                 case "logout":
  56                         $_SESSION["loggedin"] = false;
  57                         $_SESSION["username"] = "";
  58                         header("Location: admin.php");
  59                         exit(0);
  60                         break;
  61                 case "createuser":
  62                         $username = $_REQUEST["username"];
  63                         $users = explode(",",$username);
  64                         foreach($users as $user) {
  65                                 $user = trim($user);
  66                                 error_log("createing, $user\n");
  67                                 if($user != "" && strlen($user)>2) $myAC->addUser($user);
  68                         }
  69                         header("Location: admin.php");
  70                         exit(0);
  71                         break;
  72                 case "update":
  73                         error_log("would update");
  74                         $err = print_r($_REQUEST, true);
  75                         error_log("req: $err\n");
  76                         $username = $_REQUEST["username"];
  77                         if($_REQUEST["realname"]!="") {
  78                                 $myAC->setUserRealName($username, $_REQUEST["realname"]);
  79                         }
  80                         if($_REQUEST["password"]!= "") {
  81                                 $myAC->setUserPass($username, $_REQUEST["password"]);
  82                         }
  83                         break;
  84                 case "delete":
  85                         $username = $_REQUEST["username"];
  86                         $myAC->deleteUser($username);
  87                         break;
  88                 case "deletepass":
  89                         $username = $_REQUEST["username"];
  90                         $myAC->setUserPass($username, "");
  91                         break;
  92                 case "getotkimg":
  93                         $otk = $_REQUEST["otk"];
  94                         $username = $_REQUEST["username"];
  95                         error_log("requesting otk, $otk");
  96                         $otk_img = $myAC->getOtkPng($username,$otk);
  97                         header("Content-type: image/png");
  98                         echo $otk_img;
  99                         exit(0);
 100                         break;
 101         }
 102 }
 103 ?>