lucidAuth/public/lucidAuth.manage.php

87 lines
3.4 KiB
PHP

<?php
error_reporting(E_ALL ^ E_NOTICE);
include_once('../include/lucidAuth.functions.php');
if (!empty($_COOKIE['JWT'])) {
$validateTokenResult = validateToken($_COOKIE['JWT']);
}
if ($validateTokenResult['status'] === "Success") {
if ($_REQUEST['do'] === 'retrievesessions') {
$storedTokens = [];
$pdoQuery = $pdoDB->prepare('
SELECT SecureToken.Id, SecureToken.UserId, SecureToken.Value
FROM SecureToken
WHERE SecureToken.UserId = :userid
');
$pdoQuery->execute([
':userid' => (int) $_REQUEST['userid']
]);
foreach($pdoQuery->fetchAll(PDO::FETCH_ASSOC) as $row) {
try {
$JWTPayload = JWT::decode($row['Value'], base64_decode($settings->JWT['PrivateKey_base64']), $settings->JWT['Algorithm']);
$storedTokens[] = [
'tid' => $row['Id'],
'iat' => $JWTPayload->iat,
'iss' => $JWTPayload->iss,
'fp' => $JWTPayload->fp
];
} catch (Exception $e) {
// Invalid token
continue;
}
}
// Return JSON object
header('Content-Type: application/json');
echo json_encode([
"Result" => "Success",
"SessionCount" => sizeof($storedTokens),
"UserSessions" => json_encode($storedTokens)
]);
} else {
// No action requested, default action
include_once('../include/lucidAuth.template.php');
try {
$allUsers = $pdoDB->query('
SELECT User.Id, User.Username, Role.Rolename
FROM User
LEFT JOIN Role
ON (Role.Id = User.RoleId)
')->fetchAll(PDO::FETCH_ASSOC);
} catch (Exception $e) {
// Should really do some actual errorhandling here
throw new Exception($e);
}
foreach($allUsers as $row) {
$tableRows[] = sprintf('<tr%1$s><td data-userid="%2$s">%3$s</td><td>%4$s</td><td class="immutable">%5$s</td></tr>',
$validateTokenResult['uid'] === $row['Id'] ? ' class="currentuser"': null,
$row['Id'],
explode('\\', $row['Username'])[1],
$row['Rolename'],
'<button class="bttn-simple bttn-xs bttn-primary session" data-translation="button_sessions">Sessions</button>' . ($validateTokenResult['uid'] === $row['Id'] ? null : '&nbsp;<button class="bttn-simple bttn-xs bttn-primary delete" data-translation="button_delete">Delete</button>')
);
}
echo sprintf($pageLayout['full_alt'],
sprintf($contentLayout['manage']['header'],
$validateTokenResult['name']
),
sprintf($contentLayout['manage']['section'],
implode($tableRows)
)
);
}
} else {
// No cookie containing valid authentication token found;
// explicitly deleting any remaining cookie, then redirecting to loginpage
setcookie('JWT', FALSE);
header("HTTP/1.1 401 Unauthorized");
header("Location: lucidAuth.login.php");
}
?>