Merge pull request #1796 from RaspAP/feat/auth-enhancements

Feature: Auth enhancements
2025-07-08 17:47:40 +02:00 · 2025-03-23 15:00:57 +01:00 · 2025-03-23 15:00:57 +01:00 · 8bd5b1b988
commit 8bd5b1b988
parent 71f1132bc8 734043dee6
7 changed files with 64 additions and 6 deletions
--- a/app/img/uri-qr-code.php
+++ b/app/img/uri-qr-code.php
@ -0,0 +1,29 @@
+<?php
+
+if (!isset($_GET['uri']) || !filter_var($_GET['uri'], FILTER_VALIDATE_URL)) {
+    header("HTTP/1.1 400 Bad Request");
+    exit("Invalid or missing URI parameter");
+}
+
+$uri = $_GET['uri'];
+$command = "qrencode -t svg -m 0 -o - " . escapeshellarg($uri);
+
+$svg = shell_exec($command);
+if ($svg === null) {
+    error_log("QR generation failed for URI: $uri");
+    header("HTTP/1.1 500 Internal Server Error");
+    exit("Failed to generate QR code");
+}
+
+$etag = hash('sha256', $uri);
+$content_length = strlen($svg);
+$last_modified = gmdate("D, d M Y H:i:s") . " GMT";
+
+header("Content-Type: image/svg+xml");
+header("Content-Length: $content_length");
+header("Last-Modified: $last_modified");
+header("ETag: \"$etag\"");
+header("X-QR-Code-Content: " . htmlspecialchars($uri, ENT_QUOTES, 'UTF-8'));
+
+echo $svg;
+
--- a/app/js/custom.js
+++ b/app/js/custom.js
@ -1019,6 +1019,14 @@ document.addEventListener("DOMContentLoaded", function () {
    }
 });

+function disableValidation(form) {
+    form.removeAttribute("novalidate");
+    form.classList.remove("needs-validation");
+    form.querySelectorAll("[required]").forEach(function (field) {
+        field.removeAttribute("required");
+    });
+}
+
 $(document).ready(function() {
    const $htmlElement = $('html');
    const $modeswitch = $('#night-mode');
--- a/includes/admin.php
+++ b/includes/admin.php
@ -35,6 +35,8 @@ function DisplayAuthConfig($username)
        } else {
            $status->addMessage('Old password does not match', 'danger');
        }
+    } elseif (isset($_POST['logout'])) {
+        $auth->logout();
    }

    echo renderTemplate(
--- a/src/RaspAP/Auth/HTTPAuth.php
+++ b/src/RaspAP/Auth/HTTPAuth.php
@ -74,6 +74,20 @@ class HTTPAuth
        return false;
    }

+    /*
+     * Logs out the administrative user
+     */
+    public function logout(): void
+    {
+        session_unset(); // unset all session variables
+        session_destroy(); // destroy the session
+        $redirectUrl = $_SERVER['REQUEST_URI'];
+        if (strpos($redirectUrl, '/login') === false) {
+            header('Location: /login?action=' . urlencode($redirectUrl));
+            exit();
+        }
+    }
+
    /*
     * Gets the current authentication config
     * return array $config
--- a/src/RaspAP/UI/Sidebar.php
+++ b/src/RaspAP/UI/Sidebar.php
@ -39,9 +39,6 @@ class Sidebar {
        );
        $this->addItem(_(getProviderValue($_SESSION["providerID"], "name")), 'fas fa-shield-alt', 'provider_conf', 90,
            fn() => RASPI_VPN_PROVIDER_ENABLED
-        );
-         $this->addItem(_('Authentication'), 'fas fa-user-lock', 'auth_conf', 100,
-            fn() => RASPI_CONFAUTH_ENABLED
        );
        $this->addItem(_('Data usage'), 'fas fa-chart-area', 'data_use', 110,
            fn() => RASPI_VNSTAT_ENABLED
--- a/templates/admin.php
+++ b/templates/admin.php
@ -1,10 +1,17 @@
+<?php ob_start() ?>
+  <?php if (!RASPI_MONITOR_ENABLED) : ?>
+    <input type="submit" class="btn btn-outline btn-primary" name="UpdateAdminPassword" value="<?php echo _("Save settings"); ?>" />
+    <input type="submit" class="btn btn-warning" name="logout" value="<?php echo _("Logout") ?>" onclick="disableValidation(this.form)"/>
+  <?php endif ?>
+<?php $buttons = ob_get_clean(); ob_end_clean() ?>
+
 <div class="row">
  <div class="col-lg-12">
    <div class="card">
      <div class="card-header">
        <div class="row">
-	        <div class="col">
-						<i class="fas fa-user-lock me-2"></i><?php echo _("Authentication"); ?>
+	      <div class="col">
+            <i class="fas fa-user-lock me-2"></i><?php echo _("Authentication"); ?>
          </div>
        </div><!-- /.row -->
      </div><!-- /.card-header -->
@ -58,7 +65,7 @@
              </div>
            </div>
          </div>
-          <input type="submit" class="btn btn-outline btn-primary" name="UpdateAdminPassword" value="<?php echo _("Save settings"); ?>" />
+          <?php echo $buttons ?>
        </form>
      </div><!-- /.card-body -->
      <div class="card-footer"></div>
--- a/templates/login.php
+++ b/templates/login.php
@ -32,6 +32,7 @@
                </div>
                <button type="submit" class="btn btn-outline btn-admin-login rounded-pill w-75 mt-4"><?php echo _("Login") ?></button>
                <div class="small mt-2"><a href="https://docs.raspap.com/authentication/#restoring-defaults" target="_blank"><?php echo _("Forgot password") ?></a></div>
+                <img src="app/img/uri-qr-code.php?uri=https://docs.raspap.com/authentication/" class="figure-img img-fluid mt-2" alt="RaspAP docs" style="width:75px;">
              </form>
            </div>
          </div><!-- /.col -->