auth

check_session.php

@@ -0,0 +1,8 @@
+<?php
+
+session_start();
+
+if (isset($_SESSION["username"])) echo $_SESSION["username"];
+else echo "";
+       
+?>

common.js

@@ -523,8 +523,21 @@ function get_version() {
   });
 }
 
+function check_session() {
+	var url  = 'check_session.php';
+	jQuery.get(url, function(data) {
+		console.log('check_session: '+data);
+		if (data=="") {
+			document.location='signin.html';
+			exit;
+		}
+	});
+}
+
 jQuery(document).ready(function(){
 
+	check_session();
+
 	get_version();
 	get_repositories();
 	get_deployments();

install.js

@@ -67,6 +67,11 @@ function redirectToManage() {
 	window.location.href = 'manage.html?t='+Date.now();
 }
 
+function redirectToAuth() {
+	setProgress(100);
+	window.location.href = 'signin.html?t='+Date.now();
+}
+
 function start_system() {
   var url  = 'scan.php?op=system';
   $.get(url, function(data){
@@ -94,6 +99,11 @@ function check_system() {
       setProgress(80);
       setTimeout(redirectToManage, 3000);
     }
+    else if (data=='AUTH') {
+      $("#info").html('Previous install has found... Please sign in.');
+      setProgress(80);
+      setTimeout(redirectToAuth, 3000);
+    }
     else if (data=='WAIT') {
       setTimeout(check_system, 1000);
     }

manage.html

@@ -89,7 +89,7 @@
 
     document.addEventListener('DOMContentLoaded', function() {
 
-	    updateActive();
+	updateActive();
 
     const myAppsBtn = document.getElementById('myAppsBtn');
     const installAppsBtn = document.getElementById('installAppsBtn');
@@ -409,6 +409,6 @@
 <script src="https://code.jquery.com/jquery-3.7.1.min.js"></script>
 <script src="https://cdn.jsdelivr.net/npm/popper.js@1.14.6/dist/umd/popper.min.js" integrity="sha384-wHAiFfRlMFy6i5SRaxvfOCifBUQy1xHdJ/yoi7FRNXMRBu5WHdZYu1hA6ZOblgut" crossorigin="anonymous"></script>
 <script src="https://cdn.jsdelivr.net/npm/bootstrap@4.2.1/dist/js/bootstrap.min.js" integrity="sha384-B0UglyR+jN6CkvvICOB2joaf5I4l3gm9GU6Hc1og6Ls7i6U/mkkaduKaBhlAXv9k" crossorigin="anonymous"></script>
-<script src="common.js?t=57"></script>
+<script src="common.js?t=58"></script>
 </body>
 </html>

scan.html

@@ -39,7 +39,7 @@
 <script src="https://code.jquery.com/jquery-3.7.1.min.js"></script>
 <script src="https://cdn.jsdelivr.net/npm/popper.js@1.14.6/dist/umd/popper.min.js" integrity="sha384-wHAiFfRlMFy6i5SRaxvfOCifBUQy1xHdJ/yoi7FRNXMRBu5WHdZYu1hA6ZOblgut" crossorigin="anonymous"></script>
 <script src="https://cdn.jsdelivr.net/npm/bootstrap@4.2.1/dist/js/bootstrap.min.js" integrity="sha384-B0UglyR+jN6CkvvICOB2joaf5I4l3gm9GU6Hc1og6Ls7i6U/mkkaduKaBhlAXv9k" crossorigin="anonymous"></script>
-<script src="install.js?t=7"></script>
+<script src="install.js?t=8"></script>
 <script>
 const progressBar = document.getElementById('progressBar');
 const progressText = document.getElementById('progressText');

scan.php

@@ -51,7 +51,14 @@ switch ($_GET["op"]) {
 							}
 							echo "<br>";
 						}
-						else echo "EXISTS";
+						else {
+							if (empty($data["HTPASSWD"])) echo "EXISTS";
+							else {
+								$auth_file = "/tmp/.htpasswd";
+								file_put_contents($auth_file,base64_decode($data["HTPASSWD"]));
+								echo "AUTH";
+							}
+						}
 					}
 					remove_response("$key");
 				}

signin.html

@@ -0,0 +1,43 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8" />
+<meta name="viewport" content="width=device-width, initial-scale=1" />
+<meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate" />
+<meta http-equiv="Pragma" content="no-cache" />
+<meta http-equiv="Expires" content="0" />
+<title>Safebox - Sign in</title>
+<link rel="stylesheet" href="https://fonts.googleapis.com/css2?family=Switzer:ital,wght@0,300;0,400;0,500;0,600;1,400&display=swap"/>
+<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css"/>
+<link rel="stylesheet" href="style.css?t=17" />
+</head>
+<body id="scan" class="text-center">
+  <div class="main">
+    <div id="myAppsContainer">
+	<div class="logo" style="margin:100px 0px 20px 0px;">
+        	<img src="/img/safebox_orange_white.svg" alt="Safebox"/>
+	</div>
+	<div class="progress-box">
+	<form class="form-install" action="signin.php" method="post">
+		<div class="input-row">
+			<label for="auth_username">Username:</label>
+			<input type="text" class="form-control" name="AUTH_USERNAME" id="auth_username" value="" maxlength="20" size="20">
+		</div>
+		<div class="input-row">
+			<label for="auth_password">Password:</label>
+			<input type="text" class="form-control" name="AUTH_PASSWORD" id="auth_password" value="" maxlength="20" size="20">
+		</div>
+  		<button class="save-button" type="submit"> Sign in </button>
+		<br><br>
+	</form>
+	</div>
+    </div>
+  </div>
+<!-- Optional JavaScript -->
+<!-- jQuery first, then Popper.js, then Bootstrap JS -->
+<script src="https://code.jquery.com/jquery-3.7.1.min.js"></script>
+<script src="https://cdn.jsdelivr.net/npm/popper.js@1.14.6/dist/umd/popper.min.js" integrity="sha384-wHAiFfRlMFy6i5SRaxvfOCifBUQy1xHdJ/yoi7FRNXMRBu5WHdZYu1hA6ZOblgut" crossorigin="anonymous"></script>
+<script src="https://cdn.jsdelivr.net/npm/bootstrap@4.2.1/dist/js/bootstrap.min.js" integrity="sha384-B0UglyR+jN6CkvvICOB2joaf5I4l3gm9GU6Hc1og6Ls7i6U/mkkaduKaBhlAXv9k" crossorigin="anonymous"></script>
+<script src="install.js?t=8"></script>
+</body>
+</html>

signin.php

@@ -0,0 +1,27 @@
+<?php
+
+session_start();
+
+$content = file_get_contents("/tmp/.htpasswd");
+$arr = explode(":",$content);
+
+$user = $arr[0];
+$pass_hash = trim($arr[1]);
+
+if ($user == $_POST["AUTH_USERNAME"]) {
+
+	$pass_input = trim($_POST["AUTH_PASSWORD"]);
+
+	if (password_verify($pass_input, $pass_hash)) {
+		//echo "OK – jelszó jó!";
+		$_SESSION["username"] = $_POST["AUTH_USERNAME"];
+	} else {
+		//echo "ROSSZ – jelszó hibás!";
+		unset($_SESSION["username"]);
+	}
+	header('Location: manage.html');
+
+}
+else header('Location: signin.html');
+
+?>