Add RASPI_AUTH_ENABLED flag to config #280

This commit is contained in:
billz 2022-12-12 12:44:20 +01:00
parent e5778ba01c
commit d76984517c
2 changed files with 17 additions and 12 deletions

View file

@ -29,10 +29,13 @@ define('RASPI_LIGHTTPD_CONFIG', '/etc/lighttpd/lighttpd.conf');
define('RASPI_ACCESS_CHECK_IP', '1.1.1.1');
define('RASPI_ACCESS_CHECK_DNS', 'one.one.one.one');
// Constant for the 5GHz wireless regulatory domain
// Constants for the 5GHz wireless regulatory domain.
define('RASPI_5GHZ_ISO_ALPHA2', array('NL','US'));
define('RASPI_5GHZ_MAX_CHANNEL', 165);
// Enable basic authentication for the web admin.
define('RASPI_AUTH_ENABLED', true);
// Optional services, set to true to enable.
define('RASPI_WIFICLIENT_ENABLED', true);
define('RASPI_HOTSPOT_ENABLED', true);

View file

@ -5,16 +5,18 @@ $pass = $_SERVER['PHP_AUTH_PW'] ?? "";
require_once RASPI_CONFIG.'/raspap.php';
$config = getConfig();
$validated = ($user == $config['admin_user']) && password_verify($pass, $config['admin_pass']);
if (!$validated) {
header('WWW-Authenticate: Basic realm="RaspAP"');
if (function_exists('http_response_code')) {
// http_response_code will respond with proper HTTP version back.
http_response_code(401);
} else {
header('HTTP/1.0 401 Unauthorized');
if (RASPI_AUTH_ENABLED) {
$validated = ($user == $config['admin_user']) && password_verify($pass, $config['admin_pass']);
if (!$validated) {
header('WWW-Authenticate: Basic realm="RaspAP"');
if (function_exists('http_response_code')) {
// http_response_code will respond with proper HTTP version back.
http_response_code(401);
} else {
header('HTTP/1.0 401 Unauthorized');
}
exit('Not authorized'.PHP_EOL);
}
exit('Not authorized'.PHP_EOL);
} else {
$validated = true;
}