raspap-webgui-mirror/includes/authenticate.php

23 lines
683 B
PHP
Raw Normal View History

2016-05-29 15:38:43 +00:00
<?php
$user = $_SERVER['PHP_AUTH_USER'] ?? "";
$pass = $_SERVER['PHP_AUTH_PW'] ?? "";
require_once RASPI_CONFIG.'/raspap.php';
$config = getConfig();
2016-05-29 15:38:43 +00:00
if (RASPI_AUTH_ENABLED) {
$validated = ($user == $config['admin_user']) && password_verify($pass, $config['admin_pass']);
if (!$validated) {
header('WWW-Authenticate: Basic realm="RaspAP"');
if (function_exists('http_response_code')) {
// http_response_code will respond with proper HTTP version back.
http_response_code(401);
} else {
header('HTTP/1.0 401 Unauthorized');
}
exit('Not authorized'.PHP_EOL);
}
} else {
$validated = true;
2016-05-29 15:38:43 +00:00
}