Auth

2021-08-11 18:46:40 +02:00 · 2021-08-11 18:46:40 +02:00 · 213995b0aa
commit 213995b0aa
parent 257d3c89a4
2 changed files with 18 additions and 6 deletions
--- a/.htaccess
+++ b/.htaccess
@ -1,10 +1,19 @@
-# Deny access to .htaccess
 <Files .htaccess>
 Order allow,deny
 Deny from all
 </Files>

-AuthUserFile ./.htpasswd
-AuthType Basic
-AuthName "My restricted Area"
-Require valid-user
+<Files users.txt>
+Order allow,deny
+Deny from all
+</Files>
+
+<IfModule mod_rewrite.c>
+   RewriteEngine on
+   RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
+</IfModule>
+
+#AuthUserFile ./.htpasswd
+#AuthType Basic
+#AuthName "My restricted Area"
+#Require valid-user
--- a/index.php
+++ b/index.php
@ -39,6 +39,7 @@ $use_password = false;
 $mode_register = false;
 $mode_digest = false;

+
 // STYLING (light or dark)
 $color  = "light";

@ -68,6 +69,8 @@ if( !$title ) { $title = clean_title(basename(dirname(__FILE__))); }

 //
 if ($use_password) {
+    // Rely on apache htaccess RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
+    list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)));
    if ($mode_digest) loginDigest();
    else if ($mode_register) register();
    else login();
@ -535,7 +538,7 @@ function loginDigest() {

    // ok, valid username & password
    echo 'You are logged in as: ' . $data['username'];
-    
+
 }

 // function to parse the http auth header