djpbessems
/
lucidAuth
1
1
Fork 0
Code Issues Pull Requests Releases 2 Wiki Activity

Migrated IDE platform; accepting nonexisting diffs to make IDE happy

This commit is contained in:
Danny Bessems 2019-02-27 21:39:31 +01:00
parent 1ffa164160
commit c8fe81d222
17 changed files with 1701 additions and 1665 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1348
LICENSE.md
View File

File diff suppressed because it is too large Load Diff

62
README.md
View File

@ -1,32 +1,32 @@
# lucidAuth # lucidAuth
[![](https://img.shields.io/badge/status-in%20production-%23003399.svg)](#) [![](https://img.shields.io/badge/contributors-1-green.svg) ](#) [![](https://img.shields.io/badge/status-in%20production-%23003399.svg)](#) [![](https://img.shields.io/badge/contributors-1-green.svg) ](#)
Forward Authentication for use with proxies (caddy, nginx, traefik, etc) Forward Authentication for use with proxies (caddy, nginx, traefik, etc)
## Usage ## Usage
- Create a new folder, navigate to it in a commandprompt and run the following command: - Create a new folder, navigate to it in a commandprompt and run the following command:
`git clone https://code.spamasaurus.com/djpbessems/lucidAuth.git` `git clone https://code.spamasaurus.com/djpbessems/lucidAuth.git`
- Edit `include/lucidAuth.config.php.example` to reflect your configuration and save as `include/lucidAuth.config.php` - Edit `include/lucidAuth.config.php.example` to reflect your configuration and save as `include/lucidAuth.config.php`
- Create a new website (within any php-capable webserver) and make sure that the documentroot points to the `public` folder - Create a new website (within any php-capable webserver) and make sure that the documentroot points to the `public` folder
- Check if you are able to browse to `https://<fqdn>/lucidAuth.login.php` (where `<fqdn>` is the actual domain -or IP address- your webserver is listening on) - Check if you are able to browse to `https://<fqdn>/lucidAuth.login.php` (where `<fqdn>` is the actual domain -or IP address- your webserver is listening on)
- Edit your proxy's configuration to use the new website as forward proxy: - Edit your proxy's configuration to use the new website as forward proxy:
- #### ~~in Caddy/nginx~~ <small>(planned for a later stage)</small> - #### ~~in Caddy/nginx~~ <small>(planned for a later stage)</small>
- #### in Traefik - #### in Traefik
Add the following lines (change to reflect your existing configuration): Add the following lines (change to reflect your existing configuration):
``` ```
[frontends.server1] [frontends.server1]
entrypoints = ["https"] entrypoints = ["https"]
backend = "server1" backend = "server1"
[frontends.server1.auth.forward] [frontends.server1.auth.forward]
address = "https://<fqdn>/lucidAuth.validateRequest.php" address = "https://<fqdn>/lucidAuth.validateRequest.php"
[frontends.server1.routes] [frontends.server1.routes]
[frontends.server1.routes.ext] [frontends.server1.routes.ext]
rule = "Host:<fqdn>" rule = "Host:<fqdn>"
``` ```
- #### Important! - #### Important!
The domainname of the website made in step 3, needs to match the domainname (*ignoring subdomains, if any*) of the resource utilizing this authentication proxy. The domainname of the website made in step 3, needs to match the domainname (*ignoring subdomains, if any*) of the resource utilizing this authentication proxy.
## Questions or bugs ## Questions or bugs
Feel free to open issues in this repository. Feel free to open issues in this repository.

295
include/lucidAuth.functions.php
View File

@ -1,147 +1,150 @@
<?php <?php
$configurationFile = '../lucidAuth.config.php'; $configurationFile = '../lucidAuth.config.php';
if (!file_exists($configurationFile)) { if (!file_exists($configurationFile)) {
throw new Exception(sprintf('Missing config file. Please rename \'%1$s.example\' to \'%1$s\' and edit it to reflect your setup.', explode('../', $configurationFile)[1])); throw new Exception(sprintf('Missing config file. Please rename \'%1$s.example\' to \'%1$s\' and edit it to reflect your setup.', explode('../', $configurationFile)[1]));
} }
$settings = include_once($configurationFile); $settings = include_once($configurationFile);
try { try {
# switch ($settings->Database['Driver']) { # switch ($settings->Database['Driver']) {
# case 'sqlite': # case 'sqlite':
# $database = new PDO('sqlite:' . $settings->Database['Path']); # $database = new PDO('sqlite:' . $settings->Database['Path']);
if (is_writable($settings->Sqlite['Path'])) { if (is_writable($settings->Sqlite['Path'])) {
$pdoDB = new PDO('sqlite:' . $settings->Sqlite['Path']); $pdoDB = new PDO('sqlite:' . $settings->Sqlite['Path']);
} else { } else {
throw new Exception(sprintf('Database file \'%1$s\' is not writable', $settings->Sqlite['Path'])); throw new Exception(sprintf('Database file \'%1$s\' is not writable', $settings->Sqlite['Path']));
} }
# } # }
} }
catch (Exception $e) { catch (Exception $e) {
throw new Exception(sprintf('Unable to connect to database \'%1$s\'', $settings->Sqlite['Path'])); throw new Exception(sprintf('Unable to connect to database \'%1$s\'', $settings->Sqlite['Path']));
} }
function authenticateLDAP (string $username, string $password) { function authenticateLDAP (string $username, string $password) {
global $settings; global $settings;
if (!empty($username) && !empty($password)) { if (!empty($username) && !empty($password)) {
// Handle login requests // Handle login requests
$ds = ldap_connect($settings->LDAP['Server'], $settings->LDAP['Port']); $ds = ldap_connect($settings->LDAP['Server'], $settings->LDAP['Port']);
// Strict namingconvention: only allow alphabetic characters // Strict namingconvention: only allow alphabetic characters
$sanitizedUsername = preg_replace('([^a-zA-Z]*)', '', $_POST['username']); $sanitizedUsername = preg_replace('([^a-zA-Z]*)', '', $_POST['username']);
$qualifiedUsername = $settings->LDAP['Domain'] . '\\' . $sanitizedUsername; $qualifiedUsername = $settings->LDAP['Domain'] . '\\' . $sanitizedUsername;
if (@ldap_bind($ds, $qualifiedUsername, utf8_encode($_POST['password']))) { if (@ldap_bind($ds, $qualifiedUsername, utf8_encode($_POST['password']))) {
// Successful authentication; get additional userdetails from authenticationsource // Successful authentication; get additional userdetails from authenticationsource
$ldapSearchResults = ldap_search($ds, $settings->LDAP['BaseDN'], "sAMAccountName=$sanitizedUsername"); $ldapSearchResults = ldap_search($ds, $settings->LDAP['BaseDN'], "sAMAccountName=$sanitizedUsername");
$commonName = ldap_get_entries($ds, $ldapSearchResults)[0]['cn'][0]; $commonName = ldap_get_entries($ds, $ldapSearchResults)[0]['cn'][0];
// Create JWT-payload // Create JWT-payload
$jwtPayload = [ $jwtPayload = [
'iat' => time(), // Issued at: time when the token was generated 'iat' => time(), // Issued at: time when the token was generated
'iss' => $_SERVER['SERVER_NAME'], // Issuer 'iss' => $_SERVER['SERVER_NAME'], // Issuer
'sub' => $qualifiedUsername, // Subject (ie. username) 'sub' => $qualifiedUsername, // Subject (ie. username)
'name' => $commonName // Common name (as retrieved from AD) 'name' => $commonName // Common name (as retrieved from AD)
]; ];
$secureToken = JWT::encode($jwtPayload, base64_decode($settings->JWT['PrivateKey_base64'])); $secureToken = JWT::encode($jwtPayload, base64_decode($settings->JWT['PrivateKey_base64']));
return ['status' => 'Success', 'token' => $secureToken]; return ['status' => 'Success', 'token' => $secureToken];
} else { } else {
// LDAP authentication failed! // LDAP authentication failed!
return ['status' => 'Fail', 'reason' => '1']; return ['status' => 'Fail', 'reason' => '1'];
} }
} else { } else {
// Empty username or passwords not allowed! // Empty username or passwords not allowed!
return ['status' => 'Fail', 'reason' => '1']; return ['status' => 'Fail', 'reason' => '1'];
} }
} }
function storeToken (string $secureToken, string $qualifiedUsername, string $httpHost) { function storeToken (string $secureToken, string $qualifiedUsername, string $httpHost) {
global $settings, $pdoDB; global $settings, $pdoDB;
// Save authentication token in database serverside // Save authentication token in database serverside
try { try {
$pdoQuery = $pdoDB->prepare(' $pdoQuery = $pdoDB->prepare('
INSERT INTO SecureToken (UserId, Value) INSERT INTO SecureToken (UserId, Value)
SELECT User.Id, :securetoken SELECT User.Id, :securetoken
FROM User FROM User
WHERE User.Username = :qualifiedusername WHERE User.Username = :qualifiedusername
'); ');
$pdoQuery->execute([ $pdoQuery->execute([
':securetoken' => $secureToken, ':securetoken' => $secureToken,
':qualifiedusername' => $qualifiedUsername ':qualifiedusername' => $qualifiedUsername
]); ]);
} }
catch (Exception $e) { catch (Exception $e) {
return ['status' => 'Fail', 'reason' => $e]; return ['status' => 'Fail', 'reason' => $e];
} }
// Save authentication token in cookie clientside // Save authentication token in cookie clientside
$cookieDomain = array_values(array_filter($settings->Session['CookieDomains'], function ($value) use ($httpHost) { $cookieDomain = array_values(array_filter($settings->Session['CookieDomains'], function ($value) use ($httpHost) {
// Check if $_SERVER['HTTP_HOST'] matches any of the configured domains (either explicitly or as a subdomain) // Check if $_SERVER['HTTP_HOST'] matches any of the configured domains (either explicitly or as a subdomain)
// This might seem backwards, but relying on $_SERVER directly allows spoofed values with potential security risks // This might seem backwards, but relying on $_SERVER directly allows spoofed values with potential security risks
return (strlen($value) > strlen($httpHost)) ? false : (0 === substr_compare($httpHost, $value, -strlen($value))); return (strlen($value) > strlen($httpHost)) ? false : (0 === substr_compare($httpHost, $value, -strlen($value)));
}))[0]; }))[0];
if ($cookieDomain && setcookie('JWT', $secureToken, (time() + $settings->Session['Duration']), '/', '.' . $cookieDomain)) { if ($cookieDomain && setcookie('JWT', $secureToken, (time() + $settings->Session['Duration']), '/', '.' . $cookieDomain)) {
return ['status' => 'Success']; return ['status' => 'Success'];
} else { } else {
return ['status' => 'Fail', 'reason' => 'Unable to store cookie(s)']; return ['status' => 'Fail', 'reason' => 'Unable to store cookie(s)'];
} }
} }
function validateToken (string $secureToken) { function validateToken (string $secureToken) {
global $settings, $pdoDB; global $settings, $pdoDB;
// Decode provided authentication token // Decode provided authentication token
try { try {
$jwtPayload = JWT::decode($secureToken, base64_decode($settings->JWT['PrivateKey_base64']), $settings->JWT['Algorithm']); $jwtPayload = JWT::decode($secureToken, base64_decode($settings->JWT['PrivateKey_base64']), $settings->JWT['Algorithm']);
} catch (Exception $e) { } catch (Exception $e) {
// Invalid token // Invalid token
if ($settings->Debug['LogToFile']) { if ($settings->Debug['LogToFile']) {
file_put_contents('../validateToken.log', (new DateTime())->format('Y-m-d\TH:i:s.u') . ' --- Provided token could not be decoded' . PHP_EOL, FILE_APPEND); file_put_contents('../validateToken.log', (new DateTime())->format('Y-m-d\TH:i:s.u') . ' --- Provided token could not be decoded' . PHP_EOL, FILE_APPEND);
} }
return ['status' => 'Fail', 'reason' => '1']; return ['status' => 'Fail', 'reason' => '1'];
} }
if ((int)$jwtPayload->iat < (time() - (int)$settings->Session['Duration'])) { if ((int)$jwtPayload->iat < (time() - (int)$settings->Session['Duration'])) {
// Expired token // Expired token
if ($settings->Debug['LogToFile']) { if ($settings->Debug['LogToFile']) {
file_put_contents('../validateToken.log', (new DateTime())->format('Y-m-d\TH:i:s.u') . ' --- Provided token has expired' . PHP_EOL, FILE_APPEND); file_put_contents('../validateToken.log', (new DateTime())->format('Y-m-d\TH:i:s.u') . ' --- Provided token has expired' . PHP_EOL, FILE_APPEND);
} }
return ['status' => 'Fail', 'reason' => '3']; return ['status' => 'Fail', 'reason' => '3'];
} }
// Retrieve all authentication tokens from database matching username // Retrieve all authentication tokens from database matching username
$pdoQuery = $pdoDB->prepare(' $pdoQuery = $pdoDB->prepare('
SELECT SecureToken.Value SELECT SecureToken.Value
FROM SecureToken FROM SecureToken
LEFT JOIN User LEFT JOIN User
ON (User.Id=SecureToken.UserId) ON (User.Id=SecureToken.UserId)
WHERE User.Username = :username WHERE User.Username = :username
'); ');
$pdoQuery->execute([ $pdoQuery->execute([
':username' => (string)$jwtPayload->sub ':username' => (string)$jwtPayload->sub
]); ]);
foreach($pdoQuery->fetchAll(PDO::FETCH_ASSOC) as $row) { foreach($pdoQuery->fetchAll(PDO::FETCH_ASSOC) as $row) {
try { try {
$storedTokens[] = JWT::decode($row['Value'], base64_decode($settings->JWT['PrivateKey_base64']), $settings->JWT['Algorithm']); $storedTokens[] = JWT::decode($row['Value'], base64_decode($settings->JWT['PrivateKey_base64']), $settings->JWT['Algorithm']);
} catch (Exception $e) { } catch (Exception $e) {
continue; continue;
} }
} }
// Compare provided authentication token to all stored tokens in database // Compare provided authentication token to all stored tokens in database
if (!empty($storedTokens) && sizeof(array_filter($storedTokens, function ($value) use ($jwtPayload) { if (!empty($storedTokens) && sizeof(array_filter($storedTokens, function ($value) use ($jwtPayload) {
return $value->iat === $jwtPayload->iat; return $value->iat === $jwtPayload->iat;
})) === 1) { })) === 1) {
return ['status' => 'Success']; return [
} else { 'status' => 'Success',
if ($settings->Debug['LogToFile']) { 'name' => $jwtPayload->name
file_put_contents('../validateToken.log', (new DateTime())->format('Y-m-d\TH:i:s.u') . ' --- No matching token in database' . PHP_EOL, FILE_APPEND); ];
} } else {
return ['status' => 'Fail', 'reason' => '2']; if ($settings->Debug['LogToFile']) {
} file_put_contents('../validateToken.log', (new DateTime())->format('Y-m-d\TH:i:s.u') . ' --- Either no matching token or multiple matching tokens found in database' . PHP_EOL, FILE_APPEND);
} }
return ['status' => 'Fail', 'reason' => '2'];
}
}
?> ?>

230
include/lucidAuth.template.php
View File

@ -1,122 +1,110 @@
<?php <?php
error_reporting(E_ALL & ~E_NOTICE); error_reporting(E_ALL & ~E_NOTICE);
$pageLayout['full'] = <<<'FULL' $pageLayout['full'] = <<<'FULL'
<!DOCTYPE html> <!DOCTYPE html>
<html lang="nl"> <html lang="nl">
<head> <head>
<meta charset="utf-8" /> <meta charset="utf-8" />
<title>lucidAuth</title> <title>lucidAuth</title>
<meta name="application-name" content="lucidAuth" /> <meta name="application-name" content="lucidAuth" />
<meta name="theme-color" content="#B50000" /> <meta name="theme-color" content="#003399" />
<link rel="icon" type="image/png" sizes="32x32" href="/favicon-32x32.png" /> <link rel="icon" type="image/png" sizes="32x32" href="/favicon-32x32.png" />
<link rel="icon" type="image/png" sizes="16x16" href="/favicon-16x16.png" /> <link rel="icon" type="image/png" sizes="16x16" href="/favicon-16x16.png" />
<link rel="manifest" href="/manifest.json" /> <link rel="manifest" href="/manifest.json" />
<link href="misc/style.css" rel="stylesheet" /> <link href="misc/style.css" rel="stylesheet" />
<link href="misc/style.theme.css" rel="stylesheet" /> <link href="misc/style.theme.css" rel="stylesheet" />
<link href="misc/style.button.css" rel="stylesheet" /> <link href="misc/style.button.css" rel="stylesheet" />
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.js"></script> <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.js"></script>
<script src="misc/script.theme.js"></script> <script src="misc/script.theme.js"></script>
<script src="misc/script.translation.js"></script> <script src="misc/script.translation.js"></script>
</head> </head>
<body> <body>
<div id="horizon"> <div id="horizon">
<div id="content"> <div id="content">
<div class="logo"> <div class="logo">
<div class="left"><div class="middle">lucidAuth</div></div><div class="right"></div> <div class="left"><div class="middle">lucidAuth</div></div><div class="right"></div>
<div class="sub"><em>Respect</em> the unexpected; mitigate your risks</div> <div class="sub"><em>Respect</em> the unexpected; mitigate your risks</div>
</div> </div>
<div class="main"> <div class="main">
%1$s %1$s
</div> </div>
</div> </div>
</div> </div>
</body> </body>
</html> </html>
FULL; FULL;
$pageLayout['bare'] = <<<'BARE' $pageLayout['bare'] = <<<'BARE'
<!DOCTYPE html> <!DOCTYPE html>
<html lang="nl"> <html lang="nl">
<head> <head>
<meta charset="utf-8" /> <meta charset="utf-8" />
<title>lucidAuth</title> <title>lucidAuth</title>
<meta name="application-name" content="lucidAuth" /> <meta name="application-name" content="lucidAuth" />
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.js"></script> <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.js"></script>
<script src="misc/script.iframe.js"></script> <script src="misc/script.iframe.js"></script>
</head> </head>
<body> <body>
%1$s %1$s
</body> </body>
</html> </html>
BARE; BARE;
$contentLayout['login'] = <<<LOGIN $contentLayout['login'] = <<<'LOGIN'
<script src="misc/script.index.js"></script> <script src="misc/script.index.js"></script>
<fieldset> <fieldset>
<legend>Login Details</legend> <legend>Login Details</legend>
<ul> <ul>
<li> <li>
<label class="pre" for="username" data-translation="label_username">Gebruikersnaam:</label> <label class="pre" for="username" data-translation="label_username">Gebruikersnaam:</label>
<input type="text" id="username" name="username" tabindex="100" /> <input type="text" id="username" name="username" tabindex="100" />
<label for="username">@lucidAuth</label> <label for="username">@lucidAuth</label>
</li> </li>
<li> <li>
<label class="pre" for="password" data-translation="label_password">Wachtwoord:</label> <label class="pre" for="password" data-translation="label_password">Wachtwoord:</label>
<input type="password" id="password" name="password" tabindex="200" /> <input type="password" id="password" name="password" tabindex="200" />
</li> </li>
<li> <li>
<input type="hidden" id="ref" name="ref" value="{$_GET['ref']}" /> <input type="hidden" id="ref" name="ref" value="%1$s" />
<button id="btnlogin" class="bttn-simple bttn-xs bttn-primary" tabindex="300" data-translation="button_login">login</button> <button id="btnlogin" class="bttn-simple bttn-xs bttn-primary" tabindex="300" data-translation="button_login">login</button>
</li> </li>
<li class="misc"> <li class="misc">
<span class="indent">&nbsp;</span> <span class="indent">&nbsp;</span>
</li> </li>
<li class="misc"> <li class="misc">
<span class="indent" data-translation="span_credentialsavailable">Inloggegevens verkrijgbaar op aanvraag!</span> <span class="indent" data-translation="span_credentialsavailable">Inloggegevens verkrijgbaar op aanvraag!</span>
</li> </li>
</ul> </ul>
</fieldset> </fieldset>
<img src="/images/tag_lock.png" style="position: absolute; top: 175px; left: 20px;" alt="Secure!" /> <img src="/images/tag_lock.png" style="position: absolute; top: 175px; left: 20px;" alt="Secure!" />
LOGIN; LOGIN;
$contentLayout['manage'] = <<<'MANAGE' $contentLayout['manage'] = <<<'MANAGE'
<script src="misc/script.manage.js"></script> <script src="misc/script.manage.js"></script>
<span id="user"><span data-translation="span_loggedinas">Ingelogd als</span>&nbsp;{$_SESSION['fullname']}&nbsp;---&nbsp;[<a id="linkplugindialog" tabindex="600" data-translation="link_plugin">Browser plugin</a><div id="pluginlogos"><span data-translation="label_selectbrowser" style="float: left; margin-left: 5px;">Select browser:</span><span style="font-size: 8px; float: right; margin-right: 5px; margin-top: 2px;">[v0.2.122.4]</span><br /><img id="linkpluginchrome" src="images/chrome_256x256.png" /><img id="linkpluginfirefox" src="images/firefox_256x256.png" /><img id="linkpluginopera" src="images/opera_256x256.png" /></div>]&nbsp;[<a id="linklanguage-en" href="#" tabindex="700">EN</a>&nbsp;<a id="linklanguage-nl" class="current" href="#" tabindex="700">NL</a>]&nbsp;[<a href="index.php?do=logout" tabindex="800" data-translation="link_logout">Log uit</a>]</span> <span id="user"><span data-translation="span_loggedinas">Ingelogd als</span>&nbsp;%1$s&nbsp;---&nbsp;[<a id="linklanguage-en" href="#" tabindex="700">EN</a>&nbsp;<a id="linklanguage-nl" class="current" href="#" tabindex="700">NL</a>]&nbsp;[<a href="#" tabindex="800" data-translation="link_logout">Log uit</a>]</span>
<!-- <fieldset style="clear: both;"> <fieldset style="clear: both;">
<legend>Beheer Account</legend> <legend>Beheer Gebruikers</legend>
<ul> <ul>
<li> <li>
</li> </li>
<li> <li>
<button id="btnaliasadd" class="bttn-simple bttn-xs bttn-primary" tabindex="200" data-translation="button_add">voeg toe</button> <button id="btnaliasadd" class="bttn-simple bttn-xs bttn-primary" tabindex="200" data-translation="button_add">voeg toe</button>
</li> </li>
<li> <li>
<label id="labelallaliases" class="pre" for="allaliases" data-translation="label_allaliases">Alle aliassen:</label><output id="aliasstats">[--]</output> <label id="labelallaliases" class="pre" for="allaliases" data-translation="label_allaliases">Alle aliassen:</label><output id="aliasstats">[--]</output>
<select id="allaliases" size="10" multiple="multiple" tabindex="300"> <select id="allaliases" size="10" multiple="multiple" tabindex="300">
</select> </select>
</li> </li>
<li> <li>
<button id="btnaliasdelete" class="bttn-simple bttn-xs bttn-primary" tabindex="400" data-translation="button_delete">verwijder</button> <button id="btnaliasdelete" class="bttn-simple bttn-xs bttn-primary" tabindex="400" data-translation="button_delete">verwijder</button>
</li> </li>
<li> <li>
<button id="btnsync" class="bttn-simple bttn-xs bttn-primary" style="background-position: center;" tabindex="500" data-translation="button_sync">synchroniseer</button> <button id="btnsync" class="bttn-simple bttn-xs bttn-primary" style="background-position: center;" tabindex="500" data-translation="button_sync">synchroniseer</button>
</li> </li>
</ul> </ul>
</fieldset> </fieldset>
--> MANAGE;
MANAGE;
$contentLayout['dialog'] = <<<DIALOG
<ul class="dialog">
<li>
<!--REPL_DIALOGDESC-->
</li>
<li>
<button id="btnhome" class="bttn-simple bttn-xs bttn-primary" tabindex="400" data-translation="button_home">ga naar startpagina</button>
</li>
</ul>
DIALOG;
?> ?>

104
lucidAuth.config.php.example
View File

@ -1,53 +1,53 @@
<?php <?php
error_reporting(E_ALL & ~E_NOTICE); error_reporting(E_ALL & ~E_NOTICE);
include_once('include/JWT/JWT.php'); include_once('include/JWT/JWT.php');
return (object) array( return (object) array(
'LDAP' => [ 'LDAP' => [
'Server' => 'server.domain.tld', 'Server' => 'server.domain.tld',
// FQDN of the LDAP-server // FQDN of the LDAP-server
'Port' => 389, 'Port' => 389,
// Port of the LDAP-server; default port is 389 // Port of the LDAP-server; default port is 389
'BaseDN' => 'OU=Users,DC=domain,DC=tld', 'BaseDN' => 'OU=Users,DC=domain,DC=tld',
// Location of your useraccounts // Location of your useraccounts
// Syntax: // Syntax:
// 'OU=container,DC=domain,DC=tld' // 'OU=container,DC=domain,DC=tld'
'Domain' => 'domain' 'Domain' => 'domain'
// Specify the NetBios name of the domain; to allow users to log on with just their usernames. // Specify the NetBios name of the domain; to allow users to log on with just their usernames.
], ],
'Sqlite' => [ 'Sqlite' => [
'Path' => '../data/lucidAuth.sqlite.db' 'Path' => '../data/lucidAuth.sqlite.db'
// Relative path to the location where the database should be stored // Relative path to the location where the database should be stored
], ],
'JWT' => [ 'JWT' => [
'PrivateKey_base64' => '', 'PrivateKey_base64' => '',
// A base64-encoded random (preferably long) string (see https://www.base64encode.org/) // A base64-encoded random (preferably long) string (see https://www.base64encode.org/)
'Algorithm' => [ 'Algorithm' => [
'HS256', 'HS256',
] ]
], ],
'Session' => [ 'Session' => [
'Duration' => 2592000, 'Duration' => 2592000,
// In seconds (2592000 is equivalent to 30 days) // In seconds (2592000 is equivalent to 30 days)
'CrossDomainLogin' => False, 'CrossDomainLogin' => False,
// Set this to True if SingleSignOn (albeit rudementary) is desired // Set this to True if SingleSignOn (albeit rudementary) is desired
// (cookies are inheritently unaware of each other; clearing cookies for one domain does not affect other domains) // (cookies are inheritently unaware of each other; clearing cookies for one domain does not affect other domains)
'CookieDomains' => [ 'CookieDomains' => [
'domain1.tld' #, 'domain2.tld', 'subdomain.domain3.tld' 'domain1.tld' #, 'domain2.tld', 'subdomain.domain3.tld'
] ]
// Domain(s) that will be used to set cookie-domains to // Domain(s) that will be used to set cookie-domains to
// (multiple domains are allowed; remove the '#' above) // (multiple domains are allowed; remove the '#' above)
], ],
'Debug' => [ 'Debug' => [
'Verbose' => False, 'Verbose' => False,
'LogToFile' => False 'LogToFile' => False
] ]
); );
?> ?>

27
public/example.php Normal file
View File

@ -0,0 +1,27 @@
<?php
// Basic example of PHP script to handle with jQuery-Tabledit plug-in.
// Note that is just an example. Should take precautions such as filtering the input data.
header('Content-Type: application/json');
$input = filter_input_array(INPUT_POST);
$mysqli = new mysqli('localhost', 'user', 'password', 'database');
if (mysqli_connect_errno()) {
echo json_encode(array('mysqli' => 'Failed to connect to MySQL: ' . mysqli_connect_error()));
exit;
}
if ($input['action'] === 'edit') {
$mysqli->query("UPDATE users SET username='" . $input['username'] . "', email='" . $input['email'] . "', avatar='" . $input['avatar'] . "' WHERE id='" . $input['id'] . "'");
} else if ($input['action'] === 'delete') {
$mysqli->query("UPDATE users SET deleted=1 WHERE id='" . $input['id'] . "'");
} else if ($input['action'] === 'restore') {
$mysqli->query("UPDATE users SET deleted=0 WHERE id='" . $input['id'] . "'");
}
mysqli_close($mysqli);
echo json_encode($input);

132
public/lucidAuth.login.php
View File

@ -1,61 +1,73 @@
<?php <?php
error_reporting(E_ALL ^ E_NOTICE); error_reporting(E_ALL ^ E_NOTICE);
include_once('../include/lucidAuth.functions.php'); include_once('../include/lucidAuth.functions.php');
if ($_POST['do'] == 'login') { if ($_POST['do'] == 'login') {
$result = authenticateLDAP($_POST['username'], $_POST['password']); $result = authenticateLDAP($_POST['username'], $_POST['password']);
if ($result['status'] === 'Success') { if ($result['status'] === 'Success') {
// Store authentication token; in database serverside & in cookie clientside // Store authentication token; in database serverside & in cookie clientside
if (storeToken($result['token'], $settings->LDAP['Domain'] . '\\' . $_POST['username'], $_SERVER['HTTP_HOST'])['status'] !== 'Success') { if (storeToken($result['token'], $settings->LDAP['Domain'] . '\\' . $_POST['username'], $_SERVER['HTTP_HOST'])['status'] !== 'Success') {
// Since this action is only ever called through an AJAX-request; return JSON object // Return JSON object
echo '{"Result":"Fail","Reason":"Failed storing authentication token in database and/or cookie"}' . PHP_EOL; header('Content-Type: application/json');
exit; echo json_encode([
} "Result" => "Failure",
"Reason" => "Failed storing authentication token in database and/or cookie"
// Convert base64 encoded string back from JSON; ]);
// forcing it into an associative array (instead of javascript's default StdClass object) # echo '{"Result":"Fail","Reason":"Failed storing authentication token in database and/or cookie"}' . PHP_EOL;
try { exit;
$proxyHeaders = json_decode(base64_decode($_POST['ref']), JSON_OBJECT_AS_ARRAY); }
}
catch (Exception $e) { // Convert base64 encoded string back from JSON;
// Since this action is only ever called through an AJAX-request; return JSON object // forcing it into an associative array (instead of javascript's default StdClass object)
echo '{"Result":"Fail","Reason":"Original request URI lost in transition"}' . PHP_EOL; try {
exit; $proxyHeaders = json_decode(base64_decode($_POST['ref']), JSON_OBJECT_AS_ARRAY);
} }
$originalUri = !empty($proxyHeaders) ? $proxyHeaders['XForwardedProto'] . '://' . $proxyHeaders['XForwardedHost'] . $proxyHeaders['XForwardedUri'] : 'lucidAuth.manage.php'; catch (Exception $e) {
// Return JSON object
// Since this request is only ever called through an AJAX-request; return JSON object header('Content-Type: application/json');
header('Content-Type: application/json'); echo json_encode([
echo json_encode([ "Result" => "Failure",
"Result" => "Success", "Reason" => "Original request-URI lost in transition"
"Location" => $originalUri, ]);
"CrossDomainLogin" => $settings->Session['CrossDomainLogin'] # echo '{"Result":"Fail","Reason":"Original request URI lost in transition"}' . PHP_EOL;
]); exit;
} else { }
switch ($result['reason']) { $originalUri = !empty($proxyHeaders) ? $proxyHeaders['XForwardedProto'] . '://' . $proxyHeaders['XForwardedHost'] . $proxyHeaders['XForwardedUri'] : 'lucidAuth.manage.php';
case '1':
header('Content-Type: application/json'); // Return JSON object
echo json_encode([ header('Content-Type: application/json');
"Result" => "Failure", echo json_encode([
"Reason" => "Invalid username and/or password" "Result" => "Success",
]); "Location" => $originalUri,
# echo '{"Result":"Fail","Reason":"Invalid username and/or password"}' . PHP_EOL; "CrossDomainLogin" => $settings->Session['CrossDomainLogin']
break; ]);
default: } else {
header('Content-Type: application/json'); switch ($result['reason']) {
echo json_encode([ case '1':
"Result" => "Failure", header('Content-Type: application/json');
"Reason" => "Uncaught error" echo json_encode([
]); "Result" => "Failure",
# echo '{"Result":"Fail","Reason":"Uncaught error"}' . PHP_EOL; "Reason" => "Invalid username and/or password"
break; ]);
} break;
} default:
} else { header('Content-Type: application/json');
include_once('../include/lucidAuth.template.php'); echo json_encode([
"Result" => "Failure",
echo sprintf($pageLayout['full'], $contentLayout['login']); "Reason" => "Uncaught error"
} ]);
break;
}
}
} else {
include_once('../include/lucidAuth.template.php');
echo sprintf($pageLayout['full'],
sprintf($contentLayout['login'],
$_GET['ref']
)
);
}
?> ?>

44
public/lucidAuth.manage.php
View File

@ -1,19 +1,27 @@
<?php <?php
error_reporting(E_ALL ^ E_NOTICE); error_reporting(E_ALL ^ E_NOTICE);
include_once('../include/lucidAuth.functions.php'); include_once('../include/lucidAuth.functions.php');
if (!empty($_COOKIE['JWT']) && validateToken($_COOKIE['JWT'])['status'] === "Success") { if (!empty($_COOKIE['JWT'])) {
include_once('../include/lucidAuth.template.php'); $validateTokenResult = validateToken($_COOKIE['JWT']);
}
echo sprintf($pageLayout['full'], $contentLayout['manage']);
} else { if ($validateTokenResult['status'] === "Success") {
// No cookie containing valid authentication token found; include_once('../include/lucidAuth.template.php');
// explicitly deleting any remaining cookie, then redirecting to loginpage
setcookie('JWT', FALSE); echo sprintf($pageLayout['full'],
sprintf($contentLayout['manage'],
header("HTTP/1.1 401 Unauthorized"); $validateTokenResult['name']
header("Location: lucidAuth.login.php"); )
} );
} else {
// No cookie containing valid authentication token found;
// explicitly deleting any remaining cookie, then redirecting to loginpage
setcookie('JWT', FALSE);
header("HTTP/1.1 401 Unauthorized");
header("Location: lucidAuth.login.php");
}
?> ?>

46
public/lucidAuth.setXDomainCookie.php
View File

@ -1,24 +1,24 @@
<?php <?php
error_reporting(E_ALL ^ E_NOTICE); error_reporting(E_ALL ^ E_NOTICE);
include_once('../include/lucidAuth.functions.php'); include_once('../include/lucidAuth.functions.php');
// Start with checking $_REQUEST['ref'] // Start with checking $_REQUEST['ref']
// What do we need? // What do we need?
// token again? // token again?
// approach 1: // approach 1:
// origin domain, so we can intersect with $settings->Session['CookieDomains'] and iterate through the remaining domains, serving them in one page (which contains iframes already) // origin domain, so we can intersect with $settings->Session['CookieDomains'] and iterate through the remaining domains, serving them in one page (which contains iframes already)
// this might be slower because it means one additional roundtrip between client and server // this might be slower because it means one additional roundtrip between client and server
// approach 2: // approach 2:
// let the client setup multiple iframes for all domains other than origin domains // let the client setup multiple iframes for all domains other than origin domains
// this requires passing an array of domains to the client in asynchronous reply; which feels insecure // this requires passing an array of domains to the client in asynchronous reply; which feels insecure
include_once('../include/lucidAuth.template.php'); include_once('../include/lucidAuth.template.php');
echo sprintf($pageLayout['bare', echo sprintf($pageLayout['bare'],
'// iFrames go here' '// iFrames go here'
); );
?> ?>

82
public/lucidAuth.validateRequest.php
View File

@ -1,42 +1,42 @@
<?php <?php
error_reporting(E_ALL ^ E_NOTICE); error_reporting(E_ALL ^ E_NOTICE);
include_once('../include/lucidAuth.functions.php'); include_once('../include/lucidAuth.functions.php');
$proxyHeaders = array(); $proxyHeaders = array();
foreach ($_SERVER as $key => $value) { foreach ($_SERVER as $key => $value) {
if (strpos($key, 'HTTP_') === 0) { if (strpos($key, 'HTTP_') === 0) {
// Trim and then convert all headers to camelCase // Trim and then convert all headers to camelCase
$proxyHeaders[str_replace(' ', '', ucwords(str_replace('_', ' ', strtolower(substr($key, 5)))))] = $value; $proxyHeaders[str_replace(' ', '', ucwords(str_replace('_', ' ', strtolower(substr($key, 5)))))] = $value;
} }
} }
// Keep only headers relevant for proxying // Keep only headers relevant for proxying
$proxyHeaders = array_filter($proxyHeaders, function ($key) { $proxyHeaders = array_filter($proxyHeaders, function ($key) {
return substr($key, 0, 10) === 'XForwarded'; return substr($key, 0, 10) === 'XForwarded';
}, ARRAY_FILTER_USE_KEY); }, ARRAY_FILTER_USE_KEY);
// For debugging purposes - enable it in ../lucidAuth.config.php // For debugging purposes - enable it in ../lucidAuth.config.php
if ($settings->Debug['LogToFile']) { if ($settings->Debug['LogToFile']) {
file_put_contents('../requestHeaders.log', (new DateTime())->format('Y-m-d\TH:i:s.u') . ' --- ' . (json_encode($proxyHeaders, JSON_FORCE_OBJECT)) . PHP_EOL, FILE_APPEND); file_put_contents('../requestHeaders.log', (new DateTime())->format('Y-m-d\TH:i:s.u') . ' --- ' . (json_encode($proxyHeaders, JSON_FORCE_OBJECT)) . PHP_EOL, FILE_APPEND);
} }
if (sizeof($proxyHeaders) === 0) { if (sizeof($proxyHeaders) === 0) {
// Non-proxied request; this is senseless, go fetch! // Non-proxied request; this is senseless, go fetch!
header("HTTP/1.1 403 Forbidden"); header("HTTP/1.1 403 Forbidden");
exit; exit;
} }
if (!empty($_COOKIE['JWT']) && validateToken($_COOKIE['JWT'])['status'] === "Success") { if (!empty($_COOKIE['JWT']) && validateToken($_COOKIE['JWT'])['status'] === "Success") {
// Valid authentication token found // Valid authentication token found
header("HTTP/1.1 202 Accepted"); header("HTTP/1.1 202 Accepted");
exit; exit;
} else { } else {
// No cookie containing valid authentication token found; // No cookie containing valid authentication token found;
// explicitly deleting any remaining cookie, then redirecting to loginpage // explicitly deleting any remaining cookie, then redirecting to loginpage
setcookie('JWT', FALSE); setcookie('JWT', FALSE);
header("HTTP/1.1 401 Unauthorized"); header("HTTP/1.1 401 Unauthorized");
header("Location: lucidAuth.login.php?ref=" . base64_encode(json_encode($proxyHeaders))); header("Location: lucidAuth.login.php?ref=" . base64_encode(json_encode($proxyHeaders)));
} }
?> ?>

112
public/misc/script.index.js
View File

@ -1,57 +1,57 @@
$(document).ready(function(){ $(document).ready(function(){
// Allow user to press enter to submit credentials // Allow user to press enter to submit credentials
$('#username, #password').keypress(function(event) { $('#username, #password').keypress(function(event) {
if (event.which === 13) { if (event.which === 13) {
$('#btnlogin').trigger('click'); $('#btnlogin').trigger('click');
} }
}); });
$('#btnlogin').click(function() { $('#btnlogin').click(function() {
// Give feedback that request has been submitted (and prevent repeated requests) // Give feedback that request has been submitted (and prevent repeated requests)
$('#btnlogin').prop('disabled', true).css({ $('#btnlogin').prop('disabled', true).css({
'background': '#999 url(data:image/gif;base64,R0lGODlhEAAQAPIAAJmZmf///7CwsOPj4////9fX18rKysPDwyH+GkNyZWF0ZWQgd2l0aCBhamF4bG9hZC5pbmZvACH5BAAKAAAAIf8LTkVUU0NBUEUyLjADAQAAACwAAAAAEAAQAAADMwi63P4wyklrE2MIOggZnAdOmGYJRbExwroUmcG2LmDEwnHQLVsYOd2mBzkYDAdKa+dIAAAh+QQACgABACwAAAAAEAAQAAADNAi63P5OjCEgG4QMu7DmikRxQlFUYDEZIGBMRVsaqHwctXXf7WEYB4Ag1xjihkMZsiUkKhIAIfkEAAoAAgAsAAAAABAAEAAAAzYIujIjK8pByJDMlFYvBoVjHA70GU7xSUJhmKtwHPAKzLO9HMaoKwJZ7Rf8AYPDDzKpZBqfvwQAIfkEAAoAAwAsAAAAABAAEAAAAzMIumIlK8oyhpHsnFZfhYumCYUhDAQxRIdhHBGqRoKw0R8DYlJd8z0fMDgsGo/IpHI5TAAAIfkEAAoABAAsAAAAABAAEAAAAzIIunInK0rnZBTwGPNMgQwmdsNgXGJUlIWEuR5oWUIpz8pAEAMe6TwfwyYsGo/IpFKSAAAh+QQACgAFACwAAAAAEAAQAAADMwi6IMKQORfjdOe82p4wGccc4CEuQradylesojEMBgsUc2G7sDX3lQGBMLAJibufbSlKAAAh+QQACgAGACwAAAAAEAAQAAADMgi63P7wCRHZnFVdmgHu2nFwlWCI3WGc3TSWhUFGxTAUkGCbtgENBMJAEJsxgMLWzpEAACH5BAAKAAcALAAAAAAQABAAAAMyCLrc/jDKSatlQtScKdceCAjDII7HcQ4EMTCpyrCuUBjCYRgHVtqlAiB1YhiCnlsRkAAAOwAAAAAAAAAAAA==) no-repeat center', 'background': '#999 url(data:image/gif;base64,R0lGODlhEAAQAPIAAJmZmf///7CwsOPj4////9fX18rKysPDwyH+GkNyZWF0ZWQgd2l0aCBhamF4bG9hZC5pbmZvACH5BAAKAAAAIf8LTkVUU0NBUEUyLjADAQAAACwAAAAAEAAQAAADMwi63P4wyklrE2MIOggZnAdOmGYJRbExwroUmcG2LmDEwnHQLVsYOd2mBzkYDAdKa+dIAAAh+QQACgABACwAAAAAEAAQAAADNAi63P5OjCEgG4QMu7DmikRxQlFUYDEZIGBMRVsaqHwctXXf7WEYB4Ag1xjihkMZsiUkKhIAIfkEAAoAAgAsAAAAABAAEAAAAzYIujIjK8pByJDMlFYvBoVjHA70GU7xSUJhmKtwHPAKzLO9HMaoKwJZ7Rf8AYPDDzKpZBqfvwQAIfkEAAoAAwAsAAAAABAAEAAAAzMIumIlK8oyhpHsnFZfhYumCYUhDAQxRIdhHBGqRoKw0R8DYlJd8z0fMDgsGo/IpHI5TAAAIfkEAAoABAAsAAAAABAAEAAAAzIIunInK0rnZBTwGPNMgQwmdsNgXGJUlIWEuR5oWUIpz8pAEAMe6TwfwyYsGo/IpFKSAAAh+QQACgAFACwAAAAAEAAQAAADMwi6IMKQORfjdOe82p4wGccc4CEuQradylesojEMBgsUc2G7sDX3lQGBMLAJibufbSlKAAAh+QQACgAGACwAAAAAEAAQAAADMgi63P7wCRHZnFVdmgHu2nFwlWCI3WGc3TSWhUFGxTAUkGCbtgENBMJAEJsxgMLWzpEAACH5BAAKAAcALAAAAAAQABAAAAMyCLrc/jDKSatlQtScKdceCAjDII7HcQ4EMTCpyrCuUBjCYRgHVtqlAiB1YhiCnlsRkAAAOwAAAAAAAAAAAA==) no-repeat center',
'color': 'transparent', 'color': 'transparent',
'transform': 'rotateX(180deg)' 'transform': 'rotateX(180deg)'
}); });
$.post("lucidAuth.login.php", { $.post("lucidAuth.login.php", {
do: "login", do: "login",
username: $('#username').val(), username: $('#username').val(),
password: $('#password').val(), password: $('#password').val(),
ref: $('#ref').val() ref: $('#ref').val()
}) })
.done(function(data,status) { .done(function(data,status) {
if (data.Result === 'Success') { if (data.Result === 'Success') {
$('#btnlogin').css({ $('#btnlogin').css({
'background': 'green url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAaklEQVQ4jeXOMQ5AQBBG4T2BC4i76EWich7ncAKbqCRuodTqnMNTkFgJs3ZU4tXz/Rlj/hUQv8EpMAClFk9sjUAiHVcCnoFMwhZYgPYG575Xe46aIOyMdJx7ji9GwrEzUgOFCu8DkRp/qxU2BKCUyZR6ygAAAABJRU5ErkJggg==) no-repeat center', 'background': 'green url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAaklEQVQ4jeXOMQ5AQBBG4T2BC4i76EWich7ncAKbqCRuodTqnMNTkFgJs3ZU4tXz/Rlj/hUQv8EpMAClFk9sjUAiHVcCnoFMwhZYgPYG575Xe46aIOyMdJx7ji9GwrEzUgOFCu8DkRp/qxU2BKCUyZR6ygAAAABJRU5ErkJggg==) no-repeat center',
'transform': 'rotateX(0deg)' 'transform': 'rotateX(0deg)'
}); });
setTimeout(function() { setTimeout(function() {
$('#btnlogin').prop('disabled', false).css({ $('#btnlogin').prop('disabled', false).css({
'background': '#003399 linear-gradient(0deg, rgba(255,255,255,0) 0%, rgba(255,255,255,0) 50%, rgba(255,255,255,0.25) 51%) no-repeat center', 'background': '#003399 linear-gradient(0deg, rgba(255,255,255,0) 0%, rgba(255,255,255,0) 50%, rgba(255,255,255,0.25) 51%) no-repeat center',
'color': '#FFF' 'color': '#FFF'
}); });
if (data.CrossDomainLogin) { if (data.CrossDomainLogin) {
// Create iframes for other domains // Create iframes for other domains
console.log('CrossDomainLogin initiated'); console.log('CrossDomainLogin initiated');
} }
console.log("Navigating to :" + data.Location); console.log("Navigating to :" + data.Location);
window.location.replace(data.Location); window.location.replace(data.Location);
}, 2250); }, 2250);
} else { } else {
$('#btnlogin').css({ $('#btnlogin').css({
'background': 'red url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAv0lEQVQ4jaWT0Q3CMAxELwh1BEag87AJ6hcLlE/KBLABrNEV2h26QaXHj4NMGgpS7sfJJXd24kQqRMiRQC3pIKk2apD0DCEMq25ABZyBmSVmW6vWxH1GmKLPmph7xJQReq5dnNmVPQE7oHOCzrhoMts9vQ1OSbYOCBb92OPkDe6ZkqMwJwa4SdJmtS1/YGsx7e9VUiPpYvPG4tHtGUsvcf+RkpI2mkHZQ3ImLd+fcpuKf32meM5R0iOEMOb2F+EF33vgCePVr8UAAAAASUVORK5CYII=) no-repeat center', 'background': 'red url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAv0lEQVQ4jaWT0Q3CMAxELwh1BEag87AJ6hcLlE/KBLABrNEV2h26QaXHj4NMGgpS7sfJJXd24kQqRMiRQC3pIKk2apD0DCEMq25ABZyBmSVmW6vWxH1GmKLPmph7xJQReq5dnNmVPQE7oHOCzrhoMts9vQ1OSbYOCBb92OPkDe6ZkqMwJwa4SdJmtS1/YGsx7e9VUiPpYvPG4tHtGUsvcf+RkpI2mkHZQ3ImLd+fcpuKf32meM5R0iOEMOb2F+EF33vgCePVr8UAAAAASUVORK5CYII=) no-repeat center',
'transform': 'rotateX(0deg)' 'transform': 'rotateX(0deg)'
}); });
setTimeout(function() { setTimeout(function() {
$('#btnlogin').prop('disabled', false).css({ $('#btnlogin').prop('disabled', false).css({
'background': '#003399 linear-gradient(0deg, rgba(255,255,255,0) 0%, rgba(255,255,255,0) 50%, rgba(255,255,255,0.25) 51%) no-repeat center', 'background': '#003399 linear-gradient(0deg, rgba(255,255,255,0) 0%, rgba(255,255,255,0) 50%, rgba(255,255,255,0.25) 51%) no-repeat center',
'color': '#FFF' 'color': '#FFF'
}); });
// TODO: Add feedback (based on data.Reason) // TODO: Add feedback (based on data.Reason)
// Is the redirect needed? // Is the redirect needed?
window.location.replace('lucidAuth.login.php'/*+ '?reason=' + data.Reason*/); window.location.replace('lucidAuth.login.php'/*+ '?reason=' + data.Reason*/);
}, 2250); }, 2250);
} }
}); });
}); });
}); });

6
public/misc/script.table.min.js vendored Normal file
View File

File diff suppressed because one or more lines are too long

36
public/misc/script.theme.js
View File

@ -1,19 +1,19 @@
$(document).ready(function() { $(document).ready(function() {
if (localStorage.getItem('theme') != '') { if (localStorage.getItem('theme') != '') {
$('html').addClass(localStorage.getItem('theme')); $('html').addClass(localStorage.getItem('theme'));
} }
$('.logo .sub').on('click', function(event) { $('.logo .sub').on('click', function(event) {
if (event.ctrlKey) { if (event.ctrlKey) {
var classes = ["tablecloth", "weave", "madras", "tartan", "seigaiha"]; var classes = ["tablecloth", "weave", "madras", "tartan", "seigaiha"];
var selectedTheme = classes[~~(Math.random()*classes.length)]; var selectedTheme = classes[~~(Math.random()*classes.length)];
$('html').removeClass().addClass(selectedTheme); $('html').removeClass().addClass(selectedTheme);
localStorage.setItem('theme', selectedTheme); localStorage.setItem('theme', selectedTheme);
} }
if (event.altKey) { if (event.altKey) {
$('html').removeClass(); $('html').removeClass();
localStorage.removeItem('theme'); localStorage.removeItem('theme');
} }
}); });
}); });

12
public/misc/script.translation.js
View File

@ -8,13 +8,9 @@ var locales = {
heading_error: "ERROR!", heading_error: "ERROR!",
label_password: "Password:", label_password: "Password:",
label_username: "Username:", label_username: "Username:",
label_selectbrowser: "Select browser:",
link_install: "Install!",
link_logout: "Logout", link_logout: "Logout",
link_plugin: "Browser plugin",
span_credentialsavailable: "Login credentials available upon request!", span_credentialsavailable: "Login credentials available upon request!",
span_loggedinas: "Logged in as", span_loggedinas: "Logged in as"
span_plugin: "Browser plugin?"
}, },
nl: { nl: {
button_add: "voeg toe", button_add: "voeg toe",
@ -25,13 +21,9 @@ var locales = {
heading_error: "FOUT!", heading_error: "FOUT!",
label_password: "Wachtwoord:", label_password: "Wachtwoord:",
label_username: "Gebruikersnaam:", label_username: "Gebruikersnaam:",
label_selectbrowser: "Selecteer browser:",
link_install: "Installeer!",
link_logout: "Log uit", link_logout: "Log uit",
link_plugin: "Browser plugin",
span_credentialsavailable: "Inloggegevens verkrijgbaar op aanvraag!", span_credentialsavailable: "Inloggegevens verkrijgbaar op aanvraag!",
span_loggedinas: "Ingelogd als", span_loggedinas: "Ingelogd als"
span_plugin: "Browser plugin?"
} // ... etc. } // ... etc.
}; };

278
public/misc/style.button.css
View File

@ -1,139 +1,139 @@
@charset "UTF-8"; @charset "UTF-8";
/*! /*!
* *
* bttn.css - https://ganapativs.github.io/bttn.css * bttn.css - https://ganapativs.github.io/bttn.css
* Version - 0.2.4 * Version - 0.2.4
* Demo: https://bttn.surge.sh * Demo: https://bttn.surge.sh
* *
* Licensed under the MIT license - http://opensource.org/licenses/MIT * Licensed under the MIT license - http://opensource.org/licenses/MIT
* *
* Copyright (c) 2016 Ganapati V S (@ganapativs) * Copyright (c) 2016 Ganapati V S (@ganapativs)
* *
*/ */
/* standalone - .bttn-simple */ /* standalone - .bttn-simple */
.bttn-default { .bttn-default {
color: #fff; color: #fff;
} }
.bttn-primary, .bttn-primary,
.bttn, .bttn,
.bttn-lg, .bttn-lg,
.bttn-md, .bttn-md,
.bttn-sm, .bttn-sm,
.bttn-xs { .bttn-xs {
color: #1d89ff; color: #1d89ff;
} }
.bttn-warning { .bttn-warning {
color: #feab3a; color: #feab3a;
} }
.bttn-danger { .bttn-danger {
color: #ff5964; color: #ff5964;
} }
.bttn-success { .bttn-success {
color: #28b78d; color: #28b78d;
} }
.bttn-royal { .bttn-royal {
color: #bd2df5; color: #bd2df5;
} }
.bttn, .bttn,
.bttn-lg, .bttn-lg,
.bttn-md, .bttn-md,
.bttn-sm, .bttn-sm,
.bttn-xs { .bttn-xs {
margin: 0; margin: 0;
padding: 0; padding: 0;
border-width: 0; border-width: 0;
border-color: transparent; border-color: transparent;
background: transparent; background: transparent;
font-weight: 400; font-weight: 400;
cursor: pointer; cursor: pointer;
position: relative; position: relative;
} }
.bttn-lg { .bttn-lg {
padding: 8px 15px; padding: 8px 15px;
font-size: 24px; font-size: 24px;
font-family: inherit; font-family: inherit;
} }
.bttn-md { .bttn-md {
font-size: 20px; font-size: 20px;
font-family: inherit; font-family: inherit;
padding: 5px 12px; padding: 5px 12px;
} }
.bttn-sm { .bttn-sm {
padding: 4px 10px; padding: 4px 10px;
font-size: 16px; font-size: 16px;
font-family: inherit; font-family: inherit;
} }
.bttn-xs { .bttn-xs {
padding: 3px 8px; padding: 3px 8px;
font-size: 12px; font-size: 12px;
font-family: inherit; font-family: inherit;
} }
.bttn-simple { .bttn-simple {
margin: 0; margin: 0;
padding: 0; padding: 0;
border-width: 0; border-width: 0;
border-color: transparent; border-color: transparent;
border-radius: 4px; border-radius: 4px;
background: transparent; background: transparent;
font-weight: 400; font-weight: 400;
cursor: pointer; cursor: pointer;
position: relative; position: relative;
font-size: 20px; font-size: 20px;
font-family: inherit; font-family: inherit;
padding: 5px 12px; padding: 5px 12px;
overflow: hidden; overflow: hidden;
background: rgba(255,255,255,0.4); background: rgba(255,255,255,0.4);
color: #fff; color: #fff;
-webkit-transition: all 0.3s cubic-bezier(0.02, 0.01, 0.47, 1); -webkit-transition: all 0.3s cubic-bezier(0.02, 0.01, 0.47, 1);
transition: all 0.3s cubic-bezier(0.02, 0.01, 0.47, 1); transition: all 0.3s cubic-bezier(0.02, 0.01, 0.47, 1);
} }
.bttn-simple:hover, .bttn-simple:hover,
.bttn-simple:focus { .bttn-simple:focus {
opacity: 0.75; opacity: 0.75;
} }
.bttn-simple.bttn-xs { .bttn-simple.bttn-xs {
padding: 3px 8px; padding: 3px 8px;
font-size: 12px; font-size: 12px;
font-family: inherit; font-family: inherit;
} }
.bttn-simple.bttn-sm { .bttn-simple.bttn-sm {
padding: 4px 10px; padding: 4px 10px;
font-size: 16px; font-size: 16px;
font-family: inherit; font-family: inherit;
} }
.bttn-simple.bttn-md { .bttn-simple.bttn-md {
font-size: 20px; font-size: 20px;
font-family: inherit; font-family: inherit;
padding: 5px 12px; padding: 5px 12px;
} }
.bttn-simple.bttn-lg { .bttn-simple.bttn-lg {
padding: 8px 15px; padding: 8px 15px;
font-size: 24px; font-size: 24px;
font-family: inherit; font-family: inherit;
} }
.bttn-simple.bttn-default { .bttn-simple.bttn-default {
background: rgba(255,255,255,0.4); background: rgba(255,255,255,0.4);
} }
.bttn-simple.bttn-primary { .bttn-simple.bttn-primary {
background: #003399; background: #003399;
background-image: linear-gradient(0deg, rgba(255,255,255,0) 0%, rgba(255,255,255,0) 50%, rgba(255,255,255,0.25) 51%); background-image: linear-gradient(0deg, rgba(255,255,255,0) 0%, rgba(255,255,255,0) 50%, rgba(255,255,255,0.25) 51%);
} }
.bttn-simple.bttn-warning { .bttn-simple.bttn-warning {
background: #feab3a; background: #feab3a;
} }
.bttn-simple.bttn-danger { .bttn-simple.bttn-danger {
background: #ff5964; background: #ff5964;
} }
.bttn-simple.bttn-success { .bttn-simple.bttn-success {
background: #28b78d; background: #28b78d;
} }
.bttn-simple.bttn-royal { .bttn-simple.bttn-royal {
background: #bd2df5; background: #bd2df5;
} }
.bttn-simple.disabled { .bttn-simple.disabled {
background: #999 !important; background: #999 !important;
color: rgba(255,255,255,0.625); color: rgba(255,255,255,0.625);
cursor: default; cursor: default;
text-shadow: 0.375px 0.375px 0 rgba(140,140,140,0.6), -0.375px -0.375px 0.375px rgba(0,0,0,0.67); text-shadow: 0.375px 0.375px 0 rgba(140,140,140,0.6), -0.375px -0.375px 0.375px rgba(0,0,0,0.67);
opacity: 1; opacity: 1;
} }

476
public/misc/style.css
View File

@ -1,238 +1,238 @@
* { * {
font-family: Tahoma, sans-serif; font-family: Tahoma, sans-serif;
font-size: 16px; font-size: 16px;
margin: 0; margin: 0;
padding: 0; padding: 0;
} }
body { body {
color: #000000; color: #000000;
background-color: #333333; background-color: #333333;
margin: 0px; margin: 0px;
} }
#horizon { #horizon {
text-align: center; text-align: center;
position: absolute; position: absolute;
top: 50%; top: 50%;
left: 0px; left: 0px;
width: 100%; width: 100%;
height: 1px; height: 1px;
overflow: visible; overflow: visible;
visibility: visible; visibility: visible;
display: block; display: block;
} }
#content { #content {
background: url(/images/bg_main_bottom.gif) repeat-x bottom left; background: url(/images/bg_main_bottom.gif) repeat-x bottom left;
font-family: Tahoma, sans-serif; font-family: Tahoma, sans-serif;
border: 3px solid #CCCCCC; border: 3px solid #CCCCCC;
background-color: #FFFFFF; background-color: #FFFFFF;
position: absolute; position: absolute;
left: 50%; left: 50%;
visibility: visible; visibility: visible;
border-radius: 5px; border-radius: 5px;
top: -125px; top: -125px;
margin-left: -225px; margin-left: -225px;
height: 220px; height: 220px;
width: 450px; width: 450px;
} }
#error .main { #error .main {
padding: 0 10px; padding: 0 10px;
} }
#error ol { #error ol {
margin: 10px 0; margin: 10px 0;
} }
#error span { #error span {
margin: 0; margin: 0;
} }
#error button { #error button {
text-transform: uppercase; text-transform: uppercase;
} }
.logo { .logo {
background: url(/images/bg_header.gif) repeat-x top left; background: url(/images/bg_header.gif) repeat-x top left;
height: 45px; height: 45px;
z-index: 50; z-index: 50;
border-radius: 5px 5px 0 0; border-radius: 5px 5px 0 0;
} }
.logo .left { .logo .left {
background: url(/images/bg_header_l.gif) no-repeat top left; background: url(/images/bg_header_l.gif) no-repeat top left;
position: relative; position: relative;
top: 4px; top: 4px;
left: 5px; left: 5px;
height: 49px; height: 49px;
float: left; float: left;
z-index: 48; z-index: 48;
} }
.logo .middle { .logo .middle {
background: url(/images/bg_header_m.gif) no-repeat 25px 0; background: url(/images/bg_header_m.gif) no-repeat 25px 0;
margin: 0 5px; margin: 0 5px;
padding: 5px 10px 0; padding: 5px 10px 0;
height: 49px; height: 49px;
float: left; float: left;
z-index: 49; z-index: 49;
display: inline; display: inline;
font-size: 18px; font-size: 18px;
font-weight: bold; font-weight: bold;
color: #FFFFFF; color: #FFFFFF;
} }
.logo .right { .logo .right {
background: url(/images/bg_header_r.gif) no-repeat top left; background: url(/images/bg_header_r.gif) no-repeat top left;
position: relative; position: relative;
top: 4px; top: 4px;
height: 49px; height: 49px;
width: 5px; width: 5px;
float: left; float: left;
} }
.logo .sub { .logo .sub {
margin-top: 12px; margin-top: 12px;
margin-left: 20px; margin-left: 20px;
float: left; float: left;
display: inline; display: inline;
font-size: 13px; font-size: 13px;
font-weight: bold; font-weight: bold;
color: #FFFFFF; color: #FFFFFF;
} }
.logo .sub em { .logo .sub em {
font-size: 13px; font-size: 13px;
} }
.main { .main {
clear: both; clear: both;
} }
.main fieldset { .main fieldset {
border: 0; border: 0;
} }
.main fieldset legend { .main fieldset legend {
visibility: hidden; visibility: hidden;
} }
.main fieldset label.pre { .main fieldset label.pre {
display: inline-block; display: inline-block;
width: 155px; width: 155px;
text-align: right; text-align: right;
vertical-align: top; vertical-align: top;
margin-top: 3px; margin-top: 3px;
} }
.main fieldset label#labelallaliases { .main fieldset label#labelallaliases {
float: left; float: left;
} }
.main fieldset output#aliasstats { .main fieldset output#aliasstats {
float: left; float: left;
clear: left; clear: left;
width: 160px; width: 160px;
text-align: right; text-align: right;
font-size: 12px; font-size: 12px;
} }
.main fieldset output#aliasstats:after { .main fieldset output#aliasstats:after {
margin-left: 7px; margin-left: 7px;
content: ' '; content: ' ';
} }
.main fieldset input { .main fieldset input {
border: 1px solid #003399; border: 1px solid #003399;
padding: 2px; padding: 2px;
width: 100px; width: 100px;
} }
.main fieldset input[type=radio] { .main fieldset input[type=radio] {
border: none; border: none;
margin-top: 7px; margin-top: 7px;
width: 20px; width: 20px;
} }
.main fieldset button { .main fieldset button {
margin-left: 160px; margin-left: 160px;
text-transform: uppercase; text-transform: uppercase;
} }
.main fieldset select { .main fieldset select {
border: 1px solid #003399; border: 1px solid #003399;
padding: 2px; padding: 2px;
width: 375px; width: 375px;
} }
.main fieldset select .new { .main fieldset select .new {
font-weight: bold; font-weight: bold;
} }
.main fieldset select .deleted { .main fieldset select .deleted {
text-decoration: line-through; text-decoration: line-through;
} }
.main fieldset#signup label.pre { .main fieldset#signup label.pre {
width: 205px; width: 205px;
} }
.main fieldset#signup span.indent, .main fieldset#signup input.button { .main fieldset#signup span.indent, .main fieldset#signup input.button {
margin-left: 210px; margin-left: 210px;
} }
.main li { .main li {
list-style: none; list-style: none;
padding: 5px; padding: 5px;
text-align: left; text-align: left;
} }
.main li.misc { .main li.misc {
padding: 0 5px; padding: 0 5px;
} }
.main span, .main span,
.main strong, .main strong,
.main a { .main a {
font-size: 12px; font-size: 12px;
} }
.main span.indent { .main span.indent {
color: #666666; color: #666666;
margin-left: 160px; margin-left: 160px;
} }
.main span.dialogdesc { .main span.dialogdesc {
margin-left: 10px; margin-left: 10px;
} }
.main a:link, .main a:visited { .main a:link, .main a:visited {
color: #003399; color: #003399;
text-decoration: none; text-decoration: none;
} }
.main a:hover, .main a:active { .main a:hover, .main a:active {
text-decoration: underline; text-decoration: underline;
} }
.main span#user { .main span#user {
color: #666666; color: #666666;
float: right; float: right;
margin: 0 5px 0 0; margin: 0 5px 0 0;
} }
.main span#user, .main span#user,
.main span#user a { .main span#user a {
font-size: 12px; font-size: 12px;
} }
.main span#user a:link, .main span#user a:visited { .main span#user a:link, .main span#user a:visited {
color: #001177; color: #001177;
text-decoration: none; text-decoration: none;
} }
.main span#user a:hover, .main span#user a:active { .main span#user a:hover, .main span#user a:active {
text-decoration: underline; text-decoration: underline;
} }
.main span#user a.current { .main span#user a.current {
text-decoration: none; text-decoration: none;
font-weight: 900; font-weight: 900;
cursor: default; cursor: default;
color: #666666; color: #666666;
} }
.main span#user a.current:before { .main span#user a.current:before {
content: '\00bb'; content: '\00bb';
font-weight: 100; font-weight: 100;
} }
.main span#user a.current:after { .main span#user a.current:after {
content: '\00ab'; content: '\00ab';
font-weight: 100; font-weight: 100;
} }
.main span#user nav { .main span#user nav {
display: inline; display: inline;
} }
.main span#user #pluginlogos { .main span#user #pluginlogos {
display: none; display: none;
position: absolute; position: absolute;
top: 72px; top: 72px;
right: 10px; right: 10px;
height: 112px; height: 112px;
width: 250px; width: 250px;
border: 1px solid rgb(0, 51, 153); border: 1px solid rgb(0, 51, 153);
box-shadow: black 0px 0px 20px; box-shadow: black 0px 0px 20px;
box-sizing: border-box; box-sizing: border-box;
padding-top: 5px; padding-top: 5px;
background: white; background: white;
font-size: inherit; font-size: inherit;
font-weight: bold; font-weight: bold;
} }
.main span#user #pluginlogos img { .main span#user #pluginlogos img {
width: 75px; width: 75px;
height: 75px; height: 75px;
filter: saturate(500%) contrast(200%) grayscale(100%) opacity(50%); filter: saturate(500%) contrast(200%) grayscale(100%) opacity(50%);
transition: all 375ms; transition: all 375ms;
cursor: pointer; cursor: pointer;
} }

76
public/misc/style.theme.css
View File

@ -1,39 +1,39 @@
html.tablecloth { html.tablecloth {
height: 100%; height: 100%;
background: repeating-linear-gradient(-45deg, transparent, transparent 1em, rgba(136, 136, 136, 0.4) 0, rgba(136, 136, 136, 0.1) 2em, transparent 0, transparent 1em, rgba(136, 136, 136, 0.3) 0, rgba(136, 136, 136, 0.2) 4em, transparent 0, transparent 1em, rgba(68, 68, 68, 0.6) 0, rgba(68, 68, 68, 0.2) 2em), background: repeating-linear-gradient(-45deg, transparent, transparent 1em, rgba(136, 136, 136, 0.4) 0, rgba(136, 136, 136, 0.1) 2em, transparent 0, transparent 1em, rgba(136, 136, 136, 0.3) 0, rgba(136, 136, 136, 0.2) 4em, transparent 0, transparent 1em, rgba(68, 68, 68, 0.6) 0, rgba(68, 68, 68, 0.2) 2em),
repeating-linear-gradient(45deg, transparent, transparent 1em, rgba(136, 136, 136, 0.4) 0, rgba(136, 136, 136, 0.1) 2em, transparent 0, transparent 1em, rgba(136, 136, 136, 0.3) 0, rgba(136, 136, 136, 0.2) 4em, transparent 0, transparent 1em, rgba(68, 68, 68, 0.4) 0, rgba(68, 68, 68, 0.1) 2em), #666; repeating-linear-gradient(45deg, transparent, transparent 1em, rgba(136, 136, 136, 0.4) 0, rgba(136, 136, 136, 0.1) 2em, transparent 0, transparent 1em, rgba(136, 136, 136, 0.3) 0, rgba(136, 136, 136, 0.2) 4em, transparent 0, transparent 1em, rgba(68, 68, 68, 0.4) 0, rgba(68, 68, 68, 0.1) 2em), #666;
background-blend-mode: multiply; background-blend-mode: multiply;
} }
html.weave { html.weave {
background: linear-gradient(45deg, #666 12%, transparent 0, transparent 88%, #666 0), background: linear-gradient(45deg, #666 12%, transparent 0, transparent 88%, #666 0),
linear-gradient(135deg, transparent 37%, #888 0, #888 63%, transparent 0), linear-gradient(135deg, transparent 37%, #888 0, #888 63%, transparent 0),
linear-gradient(45deg, transparent 37%, #666 0, #666 63%, transparent 0), linear-gradient(45deg, transparent 37%, #666 0, #666 63%, transparent 0),
#444; #444;
background-size: 40px 40px; background-size: 40px 40px;
} }
html.madras { html.madras {
height: 100%; height: 100%;
background-color: #e9d4b9; background-color: #e9d4b9;
background-image: repeating-linear-gradient(45deg, transparent 5px, rgba(11, 36, 45, 0.5) 5px, rgba(11, 36, 45, 0.5) 10px, rgba(211, 119, 111, 0) 10px, rgba(211, 119, 111, 0) 35px, rgba(211, 119, 111, 0.5) 35px, rgba(211, 119, 111, 0.5) 40px, rgba(11, 36, 45, 0.5) 40px, rgba(11, 36, 45, 0.5) 50px, rgba(11, 36, 45, 0) 50px, rgba(11, 36, 45, 0) 60px, rgba(211, 119, 111, 0.5) 60px, rgba(211, 119, 111, 0.5) 70px, rgba(247, 179, 85, 0.5) 70px, rgba(247, 179, 85, 0.5) 80px, rgba(247, 179, 85, 0) 80px, rgba(247, 179, 85, 0) 90px, rgba(211, 119, 111, 0.5) 90px, rgba(211, 119, 111, 0.5) 110px, rgba(211, 119, 111, 0) 110px, rgba(211, 119, 111, 0) 120px, rgba(11, 36, 45, 0.5) 120px, rgba(11, 36, 45, 0.5) 140px), background-image: repeating-linear-gradient(45deg, transparent 5px, rgba(11, 36, 45, 0.5) 5px, rgba(11, 36, 45, 0.5) 10px, rgba(211, 119, 111, 0) 10px, rgba(211, 119, 111, 0) 35px, rgba(211, 119, 111, 0.5) 35px, rgba(211, 119, 111, 0.5) 40px, rgba(11, 36, 45, 0.5) 40px, rgba(11, 36, 45, 0.5) 50px, rgba(11, 36, 45, 0) 50px, rgba(11, 36, 45, 0) 60px, rgba(211, 119, 111, 0.5) 60px, rgba(211, 119, 111, 0.5) 70px, rgba(247, 179, 85, 0.5) 70px, rgba(247, 179, 85, 0.5) 80px, rgba(247, 179, 85, 0) 80px, rgba(247, 179, 85, 0) 90px, rgba(211, 119, 111, 0.5) 90px, rgba(211, 119, 111, 0.5) 110px, rgba(211, 119, 111, 0) 110px, rgba(211, 119, 111, 0) 120px, rgba(11, 36, 45, 0.5) 120px, rgba(11, 36, 45, 0.5) 140px),
repeating-linear-gradient(135deg, transparent 5px, rgba(11, 36, 45, 0.5) 5px, rgba(11, 36, 45, 0.5) 10px, rgba(211, 119, 111, 0) 10px, rgba(211, 119, 111, 0) 35px, rgba(211, 119, 111, 0.5) 35px, rgba(211, 119, 111, 0.5) 40px, rgba(11, 36, 45, 0.5) 40px, rgba(11, 36, 45, 0.5) 50px, rgba(11, 36, 45, 0) 50px, rgba(11, 36, 45, 0) 60px, rgba(211, 119, 111, 0.5) 60px, rgba(211, 119, 111, 0.5) 70px, rgba(247, 179, 85, 0.5) 70px, rgba(247, 179, 85, 0.5) 80px, rgba(247, 179, 85, 0) 80px, rgba(247, 179, 85, 0) 90px, rgba(211, 119, 111, 0.5) 90px, rgba(211, 119, 111, 0.5) 110px, rgba(211, 119, 111, 0) 110px, rgba(211, 119, 111, 0) 140px, rgba(11, 36, 45, 0.5) 140px, rgba(11, 36, 45, 0.5) 160px); repeating-linear-gradient(135deg, transparent 5px, rgba(11, 36, 45, 0.5) 5px, rgba(11, 36, 45, 0.5) 10px, rgba(211, 119, 111, 0) 10px, rgba(211, 119, 111, 0) 35px, rgba(211, 119, 111, 0.5) 35px, rgba(211, 119, 111, 0.5) 40px, rgba(11, 36, 45, 0.5) 40px, rgba(11, 36, 45, 0.5) 50px, rgba(11, 36, 45, 0) 50px, rgba(11, 36, 45, 0) 60px, rgba(211, 119, 111, 0.5) 60px, rgba(211, 119, 111, 0.5) 70px, rgba(247, 179, 85, 0.5) 70px, rgba(247, 179, 85, 0.5) 80px, rgba(247, 179, 85, 0) 80px, rgba(247, 179, 85, 0) 90px, rgba(211, 119, 111, 0.5) 90px, rgba(211, 119, 111, 0.5) 110px, rgba(211, 119, 111, 0) 110px, rgba(211, 119, 111, 0) 140px, rgba(11, 36, 45, 0.5) 140px, rgba(11, 36, 45, 0.5) 160px);
} }
html.tartan { html.tartan {
height: 100%; height: 100%;
background-color: #a0302c; background-color: #a0302c;
background-image: repeating-linear-gradient(20deg, transparent, transparent 50px, rgba(0, 0, 0, 0.4) 50px, rgba(0, 0, 0, 0.4) 53px, transparent 53px, transparent 63px, rgba(0, 0, 0, 0.4) 63px, rgba(0, 0, 0, 0.4) 66px, transparent 66px, transparent 116px, rgba(0, 0, 0, 0.5) 116px, rgba(0, 0, 0, 0.5) 166px, rgba(255, 255, 255, 0.2) 166px, rgba(255, 255, 255, 0.2) 169px, rgba(0, 0, 0, 0.5) 169px, rgba(0, 0, 0, 0.5) 179px, rgba(255, 255, 255, 0.2) 179px, rgba(255, 255, 255, 0.2) 182px, rgba(0, 0, 0, 0.5) 182px, rgba(0, 0, 0, 0.5) 232px, transparent 232px), background-image: repeating-linear-gradient(20deg, transparent, transparent 50px, rgba(0, 0, 0, 0.4) 50px, rgba(0, 0, 0, 0.4) 53px, transparent 53px, transparent 63px, rgba(0, 0, 0, 0.4) 63px, rgba(0, 0, 0, 0.4) 66px, transparent 66px, transparent 116px, rgba(0, 0, 0, 0.5) 116px, rgba(0, 0, 0, 0.5) 166px, rgba(255, 255, 255, 0.2) 166px, rgba(255, 255, 255, 0.2) 169px, rgba(0, 0, 0, 0.5) 169px, rgba(0, 0, 0, 0.5) 179px, rgba(255, 255, 255, 0.2) 179px, rgba(255, 255, 255, 0.2) 182px, rgba(0, 0, 0, 0.5) 182px, rgba(0, 0, 0, 0.5) 232px, transparent 232px),
repeating-linear-gradient(290deg, transparent, transparent 50px, rgba(0, 0, 0, 0.4) 50px, rgba(0, 0, 0, 0.4) 53px, transparent 53px, transparent 63px, rgba(0, 0, 0, 0.4) 63px, rgba(0, 0, 0, 0.4) 66px, transparent 66px, transparent 116px, rgba(0, 0, 0, 0.5) 116px, rgba(0, 0, 0, 0.5) 166px, rgba(255, 255, 255, 0.2) 166px, rgba(255, 255, 255, 0.2) 169px, rgba(0, 0, 0, 0.5) 169px, rgba(0, 0, 0, 0.5) 179px, rgba(255, 255, 255, 0.2) 179px, rgba(255, 255, 255, 0.2) 182px, rgba(0, 0, 0, 0.5) 182px, rgba(0, 0, 0, 0.5) 232px, transparent 232px), repeating-linear-gradient(290deg, transparent, transparent 50px, rgba(0, 0, 0, 0.4) 50px, rgba(0, 0, 0, 0.4) 53px, transparent 53px, transparent 63px, rgba(0, 0, 0, 0.4) 63px, rgba(0, 0, 0, 0.4) 66px, transparent 66px, transparent 116px, rgba(0, 0, 0, 0.5) 116px, rgba(0, 0, 0, 0.5) 166px, rgba(255, 255, 255, 0.2) 166px, rgba(255, 255, 255, 0.2) 169px, rgba(0, 0, 0, 0.5) 169px, rgba(0, 0, 0, 0.5) 179px, rgba(255, 255, 255, 0.2) 179px, rgba(255, 255, 255, 0.2) 182px, rgba(0, 0, 0, 0.5) 182px, rgba(0, 0, 0, 0.5) 232px, transparent 232px),
repeating-linear-gradient(145deg, transparent, transparent 2px, rgba(0, 0, 0, 0.2) 2px, rgba(0, 0, 0, 0.2) 3px, transparent 3px, transparent 5px, rgba(0, 0, 0, 0.2) 5px); repeating-linear-gradient(145deg, transparent, transparent 2px, rgba(0, 0, 0, 0.2) 2px, rgba(0, 0, 0, 0.2) 3px, transparent 3px, transparent 5px, rgba(0, 0, 0, 0.2) 5px);
} }
html.seigaiha { html.seigaiha {
background-color: grey; background-color: grey;
background-image: radial-gradient(circle at 100% 150%, grey 24%, silver 25%, silver 28%, grey 29%, grey 36%, silver 36%, silver 40%, rgba(0, 0, 0, 0) 40%, rgba(0, 0, 0, 0)), background-image: radial-gradient(circle at 100% 150%, grey 24%, silver 25%, silver 28%, grey 29%, grey 36%, silver 36%, silver 40%, rgba(0, 0, 0, 0) 40%, rgba(0, 0, 0, 0)),
radial-gradient(circle at 0 150%, grey 24%, silver 25%, silver 28%, grey 29%, grey 36%, silver 36%, silver 40%, rgba(0, 0, 0, 0) 40%, rgba(0, 0, 0, 0)), radial-gradient(circle at 0 150%, grey 24%, silver 25%, silver 28%, grey 29%, grey 36%, silver 36%, silver 40%, rgba(0, 0, 0, 0) 40%, rgba(0, 0, 0, 0)),
radial-gradient(circle at 50% 100%, silver 10%, grey 11%, grey 23%, silver 24%, silver 30%, grey 31%, grey 43%, silver 44%, silver 50%, grey 51%, grey 63%, silver 64%, silver 71%, rgba(0, 0, 0, 0) 71%, rgba(0, 0, 0, 0)), radial-gradient(circle at 50% 100%, silver 10%, grey 11%, grey 23%, silver 24%, silver 30%, grey 31%, grey 43%, silver 44%, silver 50%, grey 51%, grey 63%, silver 64%, silver 71%, rgba(0, 0, 0, 0) 71%, rgba(0, 0, 0, 0)),
radial-gradient(circle at 100% 50%, silver 5%, grey 6%, grey 15%, silver 16%, silver 20%, grey 21%, grey 30%, silver 31%, silver 35%, grey 36%, grey 45%, silver 46%, silver 49%, rgba(0, 0, 0, 0) 50%, rgba(0, 0, 0, 0)), radial-gradient(circle at 100% 50%, silver 5%, grey 6%, grey 15%, silver 16%, silver 20%, grey 21%, grey 30%, silver 31%, silver 35%, grey 36%, grey 45%, silver 46%, silver 49%, rgba(0, 0, 0, 0) 50%, rgba(0, 0, 0, 0)),
radial-gradient(circle at 0 50%, silver 5%, grey 6%, grey 15%, silver 16%, silver 20%, grey 21%, grey 30%, silver 31%, silver 35%, grey 36%, grey 45%, silver 46%, silver 49%, rgba(0, 0, 0, 0) 50%, rgba(0, 0, 0, 0)); radial-gradient(circle at 0 50%, silver 5%, grey 6%, grey 15%, silver 16%, silver 20%, grey 21%, grey 30%, silver 31%, silver 35%, grey 36%, grey 45%, silver 46%, silver 49%, rgba(0, 0, 0, 0) 50%, rgba(0, 0, 0, 0));
background-size: 100px 50px; background-size: 100px 50px;
} }