lars/accred
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Blocage des logins non caribana.ch

Browse Source
This commit is contained in:
Caribana 2017-05-26 18:56:08 +02:00
parent a19ad8706a
commit cd9647bd4a
1 changed files with 16 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
tokensignin.php
View File

@ -30,18 +30,24 @@ if ($payload) {
$userid = $payload['sub'];
// If request specified a G Suite domain:
$domain = $payload['hd'];
// Associate user info to session si we can use it later
$_SESSION['uid'] = $userid;
$_SESSION['dom'] = $domain;
$_SESSION['email'] = $payload['email'];
$_SESSION['name'] = $payload['name'];
// Is this user admin
$_SESSION['admin'] = '';
if( array_key_exists($userid, $admins)) {
if($domain=='caribana.ch') {
// Associate user info to session si we can use it later
$_SESSION['uid'] = $userid;
$_SESSION['dom'] = $domain;
$_SESSION['email'] = $payload['email'];
$_SESSION['name'] = $payload['name'];
// Is this user admin
$_SESSION['admin'] = '';
if( array_key_exists($userid, $admins)) {
$_SESSION['admin'] = 1;
}
echo "SUCCESS: $userid / DOMAIN: $domain";
syslog(LOG_INFO, "Authorized login $userid / ". $payload['name']. ",domain: $domain from : {$_SERVER['REMOTE_ADDR']} ({$_SERVER['HTTP_USER_AGENT']})");
}
else {
syslog(LOG_ERR, "Failed login ". $payload['name']. " from : {$_SERVER['REMOTE_ADDR']} ({$_SERVER['HTTP_USER_AGENT']}), incorrect domain: $domain");
echo "FAIL";
}
echo "SUCCESS: $userid / DOMAIN: $domain";
syslog(LOG_INFO, "Authorized login $userid / ". $payload['name']. " from : {$_SERVER['REMOTE_ADDR']} ({$_SERVER['HTTP_USER_AGENT']})");
} else {
// Invalid ID token
syslog(LOG_ERR, "Failed login ". $payload['name']. " from : {$_SERVER['REMOTE_ADDR']} ({$_SERVER['HTTP_USER_AGENT']})");