Periodic merge upstream #5
@@ -35,14 +35,36 @@ function authenticateLDAP (string $username, string $password) {
 | 
			
		||||
		if (@ldap_bind($ds, $qualifiedUsername, utf8_encode($_POST['password']))) {
 | 
			
		||||
			// Successful authentication; get additional userdetails from authenticationsource
 | 
			
		||||
			$ldapSearchResults = ldap_search($ds, $settings->LDAP['BaseDN'], "sAMAccountName=$sanitizedUsername");
 | 
			
		||||
			$commonName = ldap_get_entries($ds, $ldapSearchResults)[0]['cn'][0];
 | 
			
		||||
			// Create JWT-payload
 | 
			
		||||
            $commonName = ldap_get_entries($ds, $ldapSearchResults)[0]['cn'][0];
 | 
			
		||||
 | 
			
		||||
            $browserDetails = get_browser(null, True);
 | 
			
		||||
            $geoLocation = json_decode(file_get_contents("http://ip-api.com/json/{$_SERVER['HTTP_X_REAL_IP']}"));
 | 
			
		||||
            if ($geoLocation->status === 'fail') {
 | 
			
		||||
                switch ($geoLocation->message) {
 | 
			
		||||
                    case 'private range':
 | 
			
		||||
                    case 'reserved range':
 | 
			
		||||
                        $geoLocation = json_decode(file_get_contents("http://ip-api.com/json/" . trim(file_get_contents('https://api.ipify.org')) ));
 | 
			
		||||
                        break;
 | 
			
		||||
                    case 'invalid query':
 | 
			
		||||
                    default:
 | 
			
		||||
                        $geoLocation->city = null;
 | 
			
		||||
                        $geoLocation->countryCode = null;
 | 
			
		||||
                        break;
 | 
			
		||||
                }
 | 
			
		||||
            }
 | 
			
		||||
 | 
			
		||||
            // Create JWT-payload
 | 
			
		||||
			$jwtPayload = [
 | 
			
		||||
				'iat'	=> time(),                                              // Issued at: time when the token was generated
 | 
			
		||||
				'iss'	=> $_SERVER['SERVER_NAME'],                             // Issuer
 | 
			
		||||
				'sub'	=> $qualifiedUsername,                                  // Subject (ie. username)
 | 
			
		||||
                'name'	=> $commonName,                                         // Common name (as retrieved from AD)
 | 
			
		||||
                'fp'    => base64_encode(json_encode(get_browser(null, True)))  // Fingerprint (based on `HTTP_USER_AGENT`)
 | 
			
		||||
				'iat'	=> time(),                                  // Issued at: time when the token was generated
 | 
			
		||||
				'iss'	=> $_SERVER['SERVER_NAME'],                 // Issuer
 | 
			
		||||
				'sub'	=> $qualifiedUsername,                      // Subject (ie. username)
 | 
			
		||||
                'name'	=> $commonName,                             // Common name (as retrieved from AD)
 | 
			
		||||
                'fp'    => base64_encode(json_encode((object) [     // Fingerprint
 | 
			
		||||
                    'browser'       => $browserDetails['browser'],
 | 
			
		||||
                    'platform'      => $browserDetails['platform'],
 | 
			
		||||
                    'city'          => $geoLocation->city,
 | 
			
		||||
                    'countrycode'   => $geoLocation->countryCode
 | 
			
		||||
                ]))
 | 
			
		||||
			];
 | 
			
		||||
 | 
			
		||||
			$secureToken = JWT::encode($jwtPayload, base64_decode($settings->JWT['PrivateKey_base64']));
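Review bot: The geolocation lookup added ahead of the JWT payload interpolates `$_SERVER['HTTP_X_REAL_IP']` into the ip-api.com URL without validating it and never checks what `file_get_contents()` returned. A malformed header value therefore reaches the outbound request, and a failed or slow lookup leaves `$geoLocation` null when `->status` is read, in the middle of a login. The request also goes over plain HTTP, so the city and country code that end up in the signed `fp` claim are unauthenticated third-party data and should be treated as display hints only. I would validate the address with `filter_var(..., FILTER_VALIDATE_IP)`, give the request a short timeout and fall back to null fields on any failure, as sketched below; the sketch drops the api.ipify.org fallback, which appears to resolve the server's own public address rather than the client's. Which lines are old and which are new is inferred from the rendered page, and authenticateLDAP begins and continues outside the hunk.

```php
// … unchanged: ldap_search, $commonName, $browserDetails …
$clientIp = filter_var($_SERVER['HTTP_X_REAL_IP'] ?? '', FILTER_VALIDATE_IP);
$geoLocation = null;
if ($clientIp !== false) {
    // Best-effort lookup: a short timeout keeps a slow third party from stalling the login.
    $lookupContext = stream_context_create(['http' => ['timeout' => 2]]);
    $lookupBody = file_get_contents("http://ip-api.com/json/{$clientIp}", false, $lookupContext);
    $geoLocation = $lookupBody === false ? null : json_decode($lookupBody);
}
// Any failure (no header, bad address, network error, 'fail' status) yields null fields.
$city = $geoLocation->city ?? null;
$countryCode = $geoLocation->countryCode ?? null;
// … unchanged: $jwtPayload, with 'city' => $city and 'countrycode' => $countryCode …
```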
 | 
			
		||||
 
 | 
			
		||||
							
								
								
									
										1
									
								
								public/images/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										1
									
								
								public/images/README.md
									
									
									
									
									
										Normal file
									
								
							@@ -0,0 +1 @@
 | 
			
		||||
Browser logo's obtained from [alrra/browser-logos](https://github.com/alrra/browser-logos).
 | 
			
		||||
							
								
								
									
										
											BIN
										
									
								
								public/images/chrome_256x256.png
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										
											BIN
										
									
								
								public/images/chrome_256x256.png
									
									
									
									
									
										Normal file
									
								
							
										
											Binary file not shown.
										
									
								
							| 
		 After Width: | Height: | Size: 26 KiB  | 
							
								
								
									
										
											BIN
										
									
								
								public/images/edge_256x256.png
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										
											BIN
										
									
								
								public/images/edge_256x256.png
									
									
									
									
									
										Normal file
									
								
							
										
											Binary file not shown.
										
									
								
							| 
		 After Width: | Height: | Size: 26 KiB  | 
							
								
								
									
										
											BIN
										
									
								
								public/images/firefox_256x256.png
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										
											BIN
										
									
								
								public/images/firefox_256x256.png
									
									
									
									
									
										Normal file
									
								
							
										
											Binary file not shown.
										
									
								
							| 
		 After Width: | Height: | Size: 37 KiB  | 
							
								
								
									
										
											BIN
										
									
								
								public/images/opera_256x256.png
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										
											BIN
										
									
								
								public/images/opera_256x256.png
									
									
									
									
									
										Normal file
									
								
							
										
											Binary file not shown.
										
									
								
							| 
		 After Width: | Height: | Size: 12 KiB  | 
							
								
								
									
										
											BIN
										
									
								
								public/images/safari_256x256.png
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										
											BIN
										
									
								
								public/images/safari_256x256.png
									
									
									
									
									
										Normal file
									
								
							
										
											Binary file not shown.
										
									
								
							| 
		 After Width: | Height: | Size: 64 KiB  | 
							
								
								
									
										
											BIN
										
									
								
								public/images/tor_256x256.png
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										
											BIN
										
									
								
								public/images/tor_256x256.png
									
									
									
									
									
										Normal file
									
								
							
										
											Binary file not shown.
										
									
								
							| 
		 After Width: | Height: | Size: 24 KiB  | 
@@ -22,7 +22,10 @@ $(document).ready(function(){
 | 
			
		||||
                var Sessions = JSON.parse(data.UserSessions);
 | 
			
		||||
                for (var i = 0; i < data.SessionCount; i++) {
 | 
			
		||||
                    try {
 | 
			
		||||
                        var Fingerprint = JSON.parse(atob(Sessions[i]['fp']));
 | 
			
		||||
                        var fingerPrint = JSON.parse(atob(Sessions[i]['fp']));
 | 
			
		||||
                        var sessionDetails = '<img class="browsericon" src="/images/' + fingerPrint['browser'] + '_256x256.png">';
 | 
			
		||||
                        sessionDetails += fingerPrint['browser'] + ' -- ' + fingerPrint['platform'];
 | 
			
		||||
                        sessionDetails += '<br>' + fingerPrint['city'] + ' (' + fingerPrint['countrycode'] + ')';
 | 
			
		||||
                    } catch(e) {
 | 
			
		||||
                        // Do nothing
 | 
			
		||||
                    } 
 | 
			
		||||
@@ -34,8 +37,7 @@ $(document).ready(function(){
 | 
			
		||||
                            text: Sessions[i]['iss']
 | 
			
		||||
                        }))
 | 
			
		||||
                        .append($('<td>', {
 | 
			
		||||
//                            text: Sessions[i]['fp'] ? atob(Sessions[i]['fp'])['browser'] + '(' + atob(Sessions[i]['fp'])['platform'] + ')' : ''
 | 
			
		||||
                            text: Fingerprint ? Fingerprint['browser'] + ' (' + Fingerprint['platform'] + ')' : ''
 | 
			
		||||
                            html: sessionDetails ? sessionDetails : ''
 | 
			
		||||
                        }))
 | 
			
		||||
                    );
 | 
			
		||||
                }
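Review bot: The session cell now uses `html: sessionDetails`, where `sessionDetails` is built by concatenating `fingerPrint['browser']`, `['platform']`, `['city']` and `['countrycode']` into a markup string. Those values derive from the User-Agent and from an external geolocation response, and they are inserted as HTML without escaping, whereas the line this replaces used `text:`. Separately, `var sessionDetails` is declared inside the `try` but is function-scoped, so when parsing a later session's `fp` throws, the row is rendered with the previous session's details. Building the cell from DOM nodes with text content and resetting the variable on every iteration addresses both; the loop and the row construction start and end outside these hunks.

```javascript
// … unchanged: Sessions = JSON.parse(data.UserSessions), for-loop header …
var sessionDetails = $('<span>');   // fresh, empty container for every session
try {
    var fingerPrint = JSON.parse(atob(Sessions[i]['fp']));
    sessionDetails
        .append($('<img>', {
            'class': 'browsericon',
            src: '/images/' + encodeURIComponent(fingerPrint['browser']) + '_256x256.png'
        }))
        .append(document.createTextNode(fingerPrint['browser'] + ' -- ' + fingerPrint['platform']))
        .append($('<br>'))
        .append(document.createTextNode(fingerPrint['city'] + ' (' + fingerPrint['countrycode'] + ')'));
} catch (e) {
    // Fingerprint missing or malformed: the cell stays empty for this session
}
// … unchanged: row construction up to the fingerprint cell …
.append($('<td>').append(sessionDetails))
```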
 | 
			
		||||
 
 | 
			
		||||
@@ -142,10 +142,16 @@ body {
 | 
			
		||||
	    	padding-top: 5px;
 | 
			
		||||
			background: white;
 | 
			
		||||
	    	font-size: inherit;
 | 
			
		||||
	    	font-weight: bold;
 | 
			
		||||
            z-index: 99;
 | 
			
		||||
            overflow-y: auto;
 | 
			
		||||
        }
 | 
			
		||||
            .main section #sessions .browsericon {
 | 
			
		||||
                height: 30px;
 | 
			
		||||
                float: left;
 | 
			
		||||
                margin-right: 5px;
 | 
			
		||||
                border: none;
 | 
			
		||||
                filter: drop-shadow(0px 0px 1px #000);
 | 
			
		||||
            }
 | 
			
		||||
        .main section table {
 | 
			
		||||
            width: 100%;
 | 
			
		||||
        }
 | 
			
		||||
 
 | 
			
		||||