-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathAuthenticator.php
More file actions
49 lines (37 loc) · 1.76 KB
/
Copy pathAuthenticator.php
File metadata and controls
49 lines (37 loc) · 1.76 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
<?php
declare(strict_types=1);
/**
* @param array<string, mixed> $config
* @param array<string, mixed> $versionMeta
*
* @return array{outcome: string, error: string, version_meta: array<string, mixed>}
*/
function evaluateAuthentication(array $config, bool $showVersionsBeforeLogin = false, array $versionMeta = []): array
{
/** @var string $password */
$password = '';
if (isset($config['password']) && is_scalar($config['password'])) {
$password = (string) $config['password'];
}
if ('' === $password) {
return ['outcome' => 'no-password', 'error' => '', 'version_meta' => $versionMeta];
}
if (isset($_GET['logout'])) {
$_SESSION = [];
return ['outcome' => 'logged-out', 'error' => '', 'version_meta' => $versionMeta];
}
if (isset($_SESSION['oak_installer_authenticated']) && true === $_SESSION['oak_installer_authenticated']) {
return ['outcome' => 'authenticated', 'error' => '', 'version_meta' => $versionMeta];
}
$versionMetaForForm = $showVersionsBeforeLogin ? $versionMeta : [];
if ('POST' === $_SERVER['REQUEST_METHOD'] && isset($_POST['password']) && is_string($_POST['password'])) {
$inputPassword = (string) $_POST['password'];
if (password_verify($inputPassword, $password) || hash_equals($password, $inputPassword)) {
$_SESSION['oak_installer_authenticated'] = true;
$_SESSION['oak_installer_auth_time'] = time();
return ['outcome' => 'login-ok', 'error' => '', 'version_meta' => $versionMeta];
}
return ['outcome' => 'login-failed', 'error' => __('incorrect_password'), 'version_meta' => $versionMetaForForm];
}
return ['outcome' => 'show-form', 'error' => '', 'version_meta' => $versionMetaForForm];
}