make password protection configurable

2022-07-23 19:58:55 +02:00
parent 25a4658a26
commit 6bfa7d5816
2 changed files with 30 additions and 8 deletions
--- a/config/pialert.conf
+++ b/config/pialert.conf
@@ -12,6 +12,7 @@ DB_PATH           = PIALERT_PATH + '/db/pialert.db'
 LOG_PATH          = PIALERT_PATH + '/log'
 VENDORS_DB        = '/usr/share/arp-scan/ieee-oui.txt'
 PRINT_LOG         = False
+PIALERT_WEB_PROTECTION = False
 PIALERT_WEB_PASSWORD = '8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92'

 SMTP_SERVER       = 'smtp.gmail.com'
--- a/front/index.php
+++ b/front/index.php
@@ -4,23 +4,39 @@ session_start();
 if ($_REQUEST['action'] == 'logout') {
  session_destroy();
  header('Location: /pialert/index.php');
-//  session_start();
-//  $_SESSION["login"] = 236789046202545614837645948;
 }
-
+##################################################
+## Login Processing start
+##################################################
 $config_file = "../config/pialert.conf";
 $config_file_lines = file($config_file);
+
+###################################
+## PIALERT_WEB_PROTECTION FALSE
+###################################
+
+$config_file_lines_bypass = array_values(preg_grep('/^PIALERT_WEB_PROTECTION\s.*/', $config_file_lines));
+$protection_line = explode("=", $config_file_lines_bypass[0]);
+$Pia_WebProtection = strtolower(trim($protection_line[1]));
+
+if ($Pia_WebProtection == 'false')
+  {
+      header('Location: /pialert/devices.php');
+      $_SESSION["login"] = 1;
+      exit;
+  }
+
+###################################
+## PIALERT_WEB_PROTECTION TRUE
+###################################
+
 $config_file_lines = array_values(preg_grep('/^PIALERT_WEB_PASSWORD\s.*/', $config_file_lines));
-//print_r($password_line);
 $password_line = explode("'", $config_file_lines[0]);
 $Pia_Password = $password_line[1];
-//echo $Pia_Password;

 if ($Pia_Password == hash('sha256',$_POST["loginpassword"]))
  {
      header('Location: /pialert/devices.php');
-      # Userdaten korrekt - User ist eingeloggt
-      # Login merken !
      $_SESSION["login"] = 1;
  }

@@ -32,7 +48,12 @@ if ($_SESSION["login"] == 1)
 if ($_SESSION["login"] != 1)
  {
      if (file_exists('../db/setting_darkmode')) {$ENABLED_DARKMODE = True;}
-      if ($Pia_Password == '8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92') {$login_info = 'Defaultpassword "123456" is still active';}
+      if ($Pia_Password == '8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92') {$login_info = 'Defaultpassword "123456" is still active';
+  }
+
+##################################################
+## Login Processing end
+##################################################
 ?>

 <!DOCTYPE html>