Rudimentary implementation of authentication processflow

public/lucidAuth.validateRequest.php

@@ -16,7 +16,10 @@
 	}, ARRAY_FILTER_USE_KEY);
 	
 	// For debugging purposes - enable it in ../lucidAuth.config.php
-	if ($settings->Debug['LogToFile']) file_put_contents('../requestHeaders.log', (new DateTime())->format('Y-m-d\TH:i:s.u') . ' --- ' . (json_encode($proxyHeaders, JSON_FORCE_OBJECT) . PHP_EOL), FILE_APPEND);
+	if ($settings->Debug['LogToFile']) {
+		file_put_contents('../requestHeaders.log', (new DateTime())->format('Y-m-d\TH:i:s.u') . ' --- ' . (json_encode($proxyHeaders, JSON_FORCE_OBJECT)) . PHP_EOL, FILE_APPEND);
+		file_put_contents('../requestHeaders.log', (new DateTime())->format('Y-m-d\TH:i:s.u') . ' --+ ' . (base64_encode(json_encode($proxyHeaders))) . PHP_EOL, FILE_APPEND);
+	}
 
 #	if (sizeof($proxyHeaders) == 0) {
 	if (False) {
@@ -25,16 +28,18 @@
 		exit;
 	}
 
-#	if (validateToken($_COOKIE['Exp'], $_COOKIE['Sub'], $_COOKIE['JWT']) != True) {
-	if (False) {
-		// No or invalid authentication token found, redirecting to loginpage
-		header("HTTP/1.1 401 Unauthorized");
-#remember to include cookies/headers/something
-		header("Location: lucidAuth.login.php");
-	} else {
+	if ((!empty($_COOKIE['Exp']) && !empty($_COOKIE['Sub']) && !empty($_COOKIE['JWT'])) && validateToken([
+		'Exp' => $_COOKIE['Exp'],
+		'Sub' => $_COOKIE['Sub'],
+		'JWT' => $_COOKIE['JWT']
+	])['status'] == "Success") {
 		// Valid authentication token found
 		header("HTTP/1.1 202 Accepted");
 		exit;
+	} else {
+		// No cookie containing valid authentication token found, redirecting to loginpage
+		header("HTTP/1.1 401 Unauthorized");
+		header("Location: lucidAuth.login.php?ref=" . base64_encode(json_encode($proxyHeaders)));
 	}
 
 ?>