lucidAuth/public/lucidAuth.validateRequest.php
2019-01-16 11:37:35 +01:00

40 lines
1.3 KiB
PHP

<?php
error_reporting(E_ALL ^ E_NOTICE);
include_once('../include/lucidAuth.functions.php');
$proxyHeaders = array();
foreach ($_SERVER as $key => $value) {
if (strpos($key, 'HTTP_') === 0) {
// Trim and then convert all headers to camelCase
$proxyHeaders[str_replace(' ', '', ucwords(str_replace('_', ' ', strtolower(substr($key, 5)))))] = $value;
}
}
// Keep only headers relevant for proxying
$proxyHeaders = array_filter($proxyHeaders, function ($key) {
return substr($key, 0, 10) === 'XForwarded';
}, ARRAY_FILTER_USE_KEY);
// For debugging purposes - enable it in ../lucidAuth.config.php
if ($settings->Debug['LogToFile']) file_put_contents('../requestHeaders.log', (new DateTime())->format('Y-m-d\TH:i:s.u') . ' --- ' . (json_encode($proxyHeaders, JSON_FORCE_OBJECT) . PHP_EOL), FILE_APPEND);
# if (sizeof($proxyHeaders) == 0) {
if (False) {
// Non-proxied request; this is senseless, go fetch!
header("HTTP/1.1 403 Forbidden");
exit;
}
# if (validateToken($_COOKIE['Exp'], $_COOKIE['Sub'], $_COOKIE['JWT']) != True) {
if (False) {
// No or invalid authentication token found, redirecting to loginpage
header("HTTP/1.1 401 Unauthorized");
#remember to include cookies/headers/something
header("Location: lucidAuth.login.php");
} else {
// Valid authentication token found
header("HTTP/1.1 202 Accepted");
exit;
}
?>