We use cookies to ensure you get the best experience on our website
Startsida Utforska Hjälp
Registrera dig Logga in
0ct0pu5
/
servnest
1
0
Fork 0
Filer Ärenden 0 Pull-förfrågningar 0 Wiki
Träd: 18d976217b
Grenar Taggar
servnest
/
fn
/
auth.php

auth.php 3.5 KB
Historik

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107 
  1. <?php
    2. 

  2. 

  3. const USERNAME_REGEX = '^[\p{L}\p{N}_-]{1,64}$';
    4. 

  4. const PASSWORD_REGEX = '^(?=.*[\p{Ll}])(?=.*[\p{Lu}])(?=.*[\p{N}]).{8,1024}|.{10,1024}$';
    5. 

  5. 

  6. const PLACEHOLDER_USERNAME = 'lain';
    7. 

  7. const PLACEHOLDER_PASSWORD = '••••••••••••••••••••••••';
    8. 

  8. 

  9. // Password storage security
    10. 

  10. const ALGO_PASSWORD = PASSWORD_ARGON2ID;
    11. 

  11. const OPTIONS_PASSWORD = [
    12. 

  12. 	'memory_cost' => 65536,
    13. 

  13. 	'time_cost' => 4,
    14. 

  14. 	'threads' => 64,
    15. 

  15. ];
    16. 

  16. 

  17. function checkPasswordFormat($password) {
    18. 

  18. 	if (preg_match('/' . PASSWORD_REGEX . '/u', $password) !== 1)
    19. 

  19. 		output(403, 'Password malformed.');
    20. 

  20. }
    21. 

  21. 

  22. function checkUsernameFormat($username) {
    23. 

  23. 	if (preg_match('/' . USERNAME_REGEX . '/u', $username) !== 1)
    24. 

  24. 		output(403, 'Username malformed.');
    25. 

  25. }
    26. 

  26. 

  27. function hashPassword($password) {
    28. 

  28. 	return password_hash($password, ALGO_PASSWORD, OPTIONS_PASSWORD);
    29. 

  29. }
    30. 

  30. 

  31. function userExist($username) {
    32. 

  32. 	return isset(query('select', 'users', ['username' => $username], 'username')[0]);
    33. 

  33. }
    34. 

  34. 

  35. function checkPassword($username, $password) {
    36. 

  36. 	return password_verify($password, query('select', 'users', ['username' => $username], 'password')[0]);
    37. 

  37. }
    38. 

  38. 

  39. function outdatedPasswordHash($username) {
    40. 

  40. 	return password_needs_rehash(query('select', 'users', ['username' => $username], 'password')[0], ALGO_PASSWORD, OPTIONS_PASSWORD);
    41. 

  41. }
    42. 

  42. 

  43. function changePassword($username, $password) {
    44. 

  44. 	$db = new PDO('sqlite:' . DB_PATH);
    45. 

  45. 

  46. 	$stmt = $db->prepare('UPDATE users SET password = :password WHERE username = :username');
    47. 

  47. 

  48. 	$stmt->bindValue(':username', $username);
    49. 

  49. 	$stmt->bindValue(':password', hashPassword($password));
    50. 

  50. 

  51. 	$stmt->execute();
    52. 

  52. }
    53. 

  53. 

  54. function rateLimit() {
    55. 

  55. 	if (PAGE_METADATA['tokens_account_cost'] ?? 0 > 0)
    56. 

  56. 		rateLimitAccount(PAGE_METADATA['tokens_account_cost']);
    57. 

  57. 

  58. 	if (PAGE_METADATA['tokens_instance_cost'] ?? 0 > 0)
    59. 

  59. 		rateLimitInstance(PAGE_METADATA['tokens_instance_cost']);
    60. 

  60. }
    61. 

  61. 

  62. function rateLimitAccount($requestedTokens) {
    63. 

  63. 	// Get
    64. 

  64. 	$userData = query('select', 'users', ['username' => $_SESSION['username']]);
    65. 

  65. 	$tokens = $userData[0]['bucket_tokens'];
    66. 

  66. 	$bucketLastUpdate = $userData[0]['bucket_last_update'];
    67. 

  67. 

  68. 	// Compute
    69. 

  69. 	$tokens = min(86400, $tokens + (time() - $bucketLastUpdate));
    70. 

  70. 

  71. 	if ($requestedTokens > $tokens)
    72. 

  72. 		output(453, 'Limite d\'actions par compte atteinte. Réessayez plus tard.');
    73. 

  73. 

  74. 	$tokens -= $requestedTokens;
    75. 

  75. 

  76. 	// Update
    77. 

  77. 	$db = new PDO('sqlite:' . DB_PATH);
    78. 

  78. 	$stmt = $db->prepare('UPDATE users SET bucket_tokens = :bucket_tokens, bucket_last_update = :bucket_last_update WHERE username = :username');
    79. 

  79. 	$stmt->bindValue(':username', $_SESSION['username']);
    80. 

  80. 	$stmt->bindValue(':bucket_tokens', $tokens);
    81. 

  81. 	$stmt->bindValue(':bucket_last_update', time());
    82. 

  82. 	$stmt->execute();
    83. 

  83. }
    84. 

  84. 

  85. function rateLimitInstance($requestedTokens) {
    86. 

  86. 	// Get
    87. 

  87. 	$tokens = query('select', 'params', ['name' => 'instance_bucket_tokens'], 'value')[0];
    88. 

  88. 	$bucketLastUpdate = query('select', 'params', ['name' => 'instance_bucket_last_update'], 'value')[0];
    89. 

  89. 

  90. 	// Compute
    91. 

  91. 	$tokens = min(86400, $tokens + (time() - $bucketLastUpdate));
    92. 

  92. 

  93. 	if ($requestedTokens > $tokens)
    94. 

  94. 		output(453, 'Limite d\'actions globale atteinte. Réessayez plus tard.');
    95. 

  95. 

  96. 	$tokens -= $requestedTokens;
    97. 

  97. 

  98. 	// Update
    99. 

  99. 	$db = new PDO('sqlite:' . DB_PATH);
    100. 

  100. 	$stmt = $db->prepare("UPDATE params SET value = :bucket_tokens WHERE name = 'instance_bucket_tokens';");
    101. 

  101. 	$stmt->bindValue(':bucket_tokens', $tokens);
    102. 

  102. 	$stmt->execute();
    103. 

  103. 

  104. 	$stmt = $db->prepare("UPDATE params SET value = :bucket_last_update WHERE name = 'instance_bucket_last_update';");
    105. 

  105. 	$stmt->bindValue(':bucket_last_update', time());
    106. 

  106. 	$stmt->execute();
    107. 

  107. }
    108.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5