djpbessems/lucidAuth
1
0
Fork 0
Code Issues Pull Requests Releases 2 Wiki Activity

Babysteps towards cross-domain-cookies-in-iframes

Browse Source
This commit is contained in:
Danny Bessems
2019-03-13 09:59:12 +00:00
parent 0a5384f6a8
commit a20f13ab7c
3 changed files with 28 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
public/lucidAuth.setXDomainCookie.php
View File

@ -3,8 +3,7 @@
include_once('../include/lucidAuth.functions.php');
// Start with checking $_REQUEST['ref']
// Start with checking $_REQUEST['ref']
// What do we need?
// token again?
@ -16,6 +15,24 @@
// let the client setup multiple iframes for all domains other than origin domains
// this requires passing an array of domains to the client in asynchronous reply; which feels insecure
if (!empty($_REQUEST['ref'])) {
try {
$queryString = json_decode(base64_decode($_REQUEST['ref']), JSON_OBJECT_AS_ARRAY);
}
catch (Exception $e) {
// Silently fail, unless explicitly specified otherwise
if ($settings->Debug['Verbose']) throw new Exception($e);
exit;
}
switch ($queryString['action']) {
case 'login':
break;
default:
break;
}
}
include_once('../include/lucidAuth.template.php');
echo sprintf($pageLayout['bare'],

8
public/misc/script.manage.js
View File

@ -22,9 +22,9 @@ $(document).ready(function(){
.append($('<td>', {
class: 'immutable',
html: '<button class="bttn-simple bttn-xs bttn-primary disabled" data-translation="button_sessions" disabled="true">' +
locales[(localStorage.getItem('language') !== null ? localStorage.getItem('language') : 'nl')]['button_sessions'] + '</button>&nbsp;' +
locales[(localStorage.getItem('language') !== null ? localStorage.getItem('language') : 'en')]['button_sessions'] + '</button>&nbsp;' +
'<button class="bttn-simple bttn-xs bttn-primary delete" data-translation="button_delete">' +
locales[(localStorage.getItem('language') !== null ? localStorage.getItem('language') : 'nl')]['button_delete'] +
locales[(localStorage.getItem('language') !== null ? localStorage.getItem('language') : 'en')]['button_delete'] +
'</button>'
}))
);
@ -69,6 +69,10 @@ console.log({'new': newEntries, 'removed': removedEntries});
window.location.reload();
});
$('#linklogout').click(function() {
console.log('Logging out!');
});
if (localStorage.getItem('theme') !== null) {
$('#theme').addClass(localStorage.getItem('theme'));
}