diff --git a/include/lucidAuth.functions.php b/include/lucidAuth.functions.php
index 675beb7..2c6910c 100644
--- a/include/lucidAuth.functions.php
+++ b/include/lucidAuth.functions.php
@@ -35,14 +35,36 @@ function authenticateLDAP (string $username, string $password) {
 if (@ldap_bind($ds, $qualifiedUsername, utf8_encode($_POST['password']))) {
 // Successful authentication; get additional userdetails from authenticationsource
 $ldapSearchResults = ldap_search($ds, $settings->LDAP['BaseDN'], "sAMAccountName=$sanitizedUsername");
- $commonName = ldap_get_entries($ds, $ldapSearchResults)[0]['cn'][0];
- // Create JWT-payload
+ $commonName = ldap_get_entries($ds, $ldapSearchResults)[0]['cn'][0];
+
+ $browserDetails = get_browser(null, True);
+ $geoLocation = json_decode(file_get_contents("http://ip-api.com/json/{$_SERVER['HTTP_X_REAL_IP']}"));
+ if ($geoLocation->status === 'fail') {
+ switch ($geoLocation->message) {
+ case 'private range':
+ case 'reserved range':
+ $geoLocation = json_decode(file_get_contents("http://ip-api.com/json/" . trim(file_get_contents('https://api.ipify.org')) ));
+ break;
+ case 'invalid query':
+ default:
+ $geoLocation->city = null;
+ $geoLocation->countryCode = null;
+ break;
+ }
+ }
+
+ // Create JWT-payload
 $jwtPayload = [
- 'iat' => time(), // Issued at: time when the token was generated
- 'iss' => $_SERVER['SERVER_NAME'], // Issuer
- 'sub' => $qualifiedUsername, // Subject (ie. username)
- 'name' => $commonName, // Common name (as retrieved from AD)
- 'fp' => base64_encode(json_encode(get_browser(null, True))) // Fingerprint (based on `HTTP_USER_AGENT`)
+ 'iat' => time(), // Issued at: time when the token was generated
+ 'iss' => $_SERVER['SERVER_NAME'], // Issuer
+ 'sub' => $qualifiedUsername, // Subject (ie. username)
+ 'name' => $commonName, // Common name (as retrieved from AD)
+ 'fp' => base64_encode(json_encode((object) [ // Fingerprint
+ 'browser' => $browserDetails['browser'],
+ 'platform' => $browserDetails['platform'],
+ 'city' => $geoLocation->city,
+ 'countrycode' => $geoLocation->countryCode
+ ]))
 ];
 $secureToken = JWT::encode($jwtPayload, base64_decode($settings->JWT['PrivateKey_base64']));
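Review bot: The value of `$_SERVER['HTTP_X_REAL_IP']` is interpolated into the ip-api.com URL without validation, and neither `file_get_contents()` nor `json_decode()` is checked, so a missing header, a timeout or a non-JSON reply leaves `$geoLocation` as `false`/`null` and the following `$geoLocation->status` and `$geoLocation->city = null` lines emit warnings or error out (depending on the PHP version) in the middle of an otherwise successful login. The header is only trustworthy if the reverse proxy always overwrites it, which is not visible here, so it should pass `FILTER_VALIDATE_IP` before use, and the request should carry a short timeout so a slow third party cannot stall authentication. The lookup also runs over plain `http://`, so the city and country code that end up inside the signed token are not integrity-protected in transit and should be treated as untrusted wherever they are displayed. The same unchecked fetch is repeated in the `private range` / `reserved range` branch, and the enclosing function starts and ends outside the hunk.

```php
$browserDetails = get_browser(null, True);
// Geolocation is best-effort: a missing header or a failed lookup must not break the login
$clientIp = filter_var($_SERVER['HTTP_X_REAL_IP'] ?? '', FILTER_VALIDATE_IP);
$geoContext = stream_context_create(['http' => ['timeout' => 2]]);
$geoResponse = ($clientIp === false)
    ? false
    : file_get_contents("http://ip-api.com/json/{$clientIp}", false, $geoContext);
$geoLocation = ($geoResponse === false) ? null : json_decode($geoResponse);
if (!is_object($geoLocation) || !isset($geoLocation->status)) {
    // Route every failure into the existing default branch, which nulls city/countryCode
    $geoLocation = (object) ['status' => 'fail', 'message' => 'invalid query'];
}
// … unchanged: if ($geoLocation->status === 'fail') { switch … } fallback handling …
// … unchanged: JWT payload construction …
```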
diff --git a/public/images/README.md b/public/images/README.md new file mode 100644 index 0000000..365a994 --- /dev/null +++ b/public/images/README.md @@ -0,0 +1 @@ +Browser logo's obtained from [alrra/browser-logos](https://github.com/alrra/browser-logos). \ No newline at end of file diff --git a/public/images/chrome_256x256.png b/public/images/chrome_256x256.png new file mode 100644 index 0000000..a8ae85e Binary files /dev/null and b/public/images/chrome_256x256.png differ diff --git a/public/images/edge_256x256.png b/public/images/edge_256x256.png new file mode 100644 index 0000000..f80a904 Binary files /dev/null and b/public/images/edge_256x256.png differ diff --git a/public/images/firefox_256x256.png b/public/images/firefox_256x256.png new file mode 100644 index 0000000..dc974fb Binary files /dev/null and b/public/images/firefox_256x256.png differ diff --git a/public/images/opera_256x256.png b/public/images/opera_256x256.png new file mode 100644 index 0000000..f90cc72 Binary files /dev/null and b/public/images/opera_256x256.png differ diff --git a/public/images/safari_256x256.png b/public/images/safari_256x256.png new file mode 100644 index 0000000..c09ac65 Binary files /dev/null and b/public/images/safari_256x256.png differ diff --git a/public/images/tor_256x256.png b/public/images/tor_256x256.png new file mode 100644 index 0000000..b1f54dc Binary files /dev/null and b/public/images/tor_256x256.png differ diff --git a/public/misc/script.manage.js b/public/misc/script.manage.js index 63cd056..e03689b 100644 --- a/public/misc/script.manage.js +++ b/public/misc/script.manage.js @@ -22,7 +22,10 @@ $(document).ready(function(){ var Sessions = JSON.parse(data.UserSessions); for (var i = 0; i < data.SessionCount; i++) { try { - var Fingerprint = JSON.parse(atob(Sessions[i]['fp'])); + var fingerPrint = JSON.parse(atob(Sessions[i]['fp'])); + var sessionDetails = ''; + sessionDetails += fingerPrint['browser'] + ' -- ' + fingerPrint['platform']; + sessionDetails += '
' + fingerPrint['city'] + ' (' + fingerPrint['countrycode'] + ')'; } catch(e) { // Do nothing } @@ -34,8 +37,7 @@ $(document).ready(function(){ text: Sessions[i]['iss'] })) .append($('', { -// text: Sessions[i]['fp'] ? atob(Sessions[i]['fp'])['browser'] + '(' + atob(Sessions[i]['fp'])['platform'] + ')' : '' - text: Fingerprint ? Fingerprint['browser'] + ' (' + Fingerprint['platform'] + ')' : '' + html: sessionDetails ? sessionDetails : '' })) ); } diff --git a/public/misc/style.css b/public/misc/style.css index 7e59f63..3927a3e 100644 --- a/public/misc/style.css +++ b/public/misc/style.css @@ -142,10 +142,16 @@ body { padding-top: 5px; background: white; font-size: inherit; - font-weight: bold; z-index: 99; overflow-y: auto; } + .main section #sessions .browsericon { + height: 30px; + float: left; + margin-right: 5px; + border: none; + filter: drop-shadow(0px 0px 1px #000); + } .main section table { width: 100%; }
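Review bot: `var sessionDetails = '';` is assigned inside the `try`, after `JSON.parse(atob(...))`, so when decoding a session's `fp` throws, the function-scoped variable keeps the value from the previous loop iteration and that row is rendered with another session's browser and location. Reset it before the `try` instead, `var sessionDetails = '';` as the first statement of the loop body, and leave only the parsing and concatenation inside. A fingerprint whose `city` or `countrycode` is `null` (the server sets both to `null` when the lookup fails) is currently shown as the literal text `null (null)`, so those fields want a fallback such as `(fingerPrint['city'] || 'unknown')`. The loop and the `$(document).ready` handler continue outside the hunk.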
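Review bot: Changing the cell from `text:` to `html:` makes jQuery parse `sessionDetails` as markup, while the string is built in the previous hunk by concatenating the `fp` fields (`browser`, `platform`, `city`, `countrycode`) without any escaping. In this same commit those fields are derived server-side from the User-Agent and from a geolocation reply fetched over plain HTTP, so they are not values the page should trust as HTML. Escape each field before it is concatenated, for example with `var esc = function (v) { return $('<div>').text(v == null ? '' : v).html(); };` and `esc(fingerPrint['city'])`, or keep `text:` and add the line break as a separate element. The element tag and the separator literal appear to have been stripped from this rendering of the hunk, so the exact markup should be checked against the file.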