Diffstat (limited to 'lib/admin.php')
-rw-r--r-- | lib/admin.php | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/lib/admin.php b/lib/admin.php
new file mode 100644
index 0000000..8b36b36
--- /dev/null
+++ b/lib/admin.php
@@ -0,0 +1,57 @@
+<?php
+
+class admin {
+
+ const SESSION_TIMEOUT = 86400 * 14;
+ const COOKIE_NAME = 'admin_key';
+
+ protected static ?bool $isAdmin = null;
+
+ public static function isAdmin(): bool {
+ if (is_null(self::$isAdmin))
+ self::$isAdmin = self::_verifyKey();
+ return self::$isAdmin;
+ }
+
+ protected static function _verifyKey(): bool {
+ if (isset($_COOKIE[self::COOKIE_NAME])) {
+ $cookie = (string)$_COOKIE[self::COOKIE_NAME];
+ if ($cookie !== self::getKey())
+ self::unsetCookie();
+ return true;
+ }
+ return false;
+ }
+
+ public static function checkPassword(string $pwd): bool {
+ return salt_password($pwd) === config::get('admin_pwd');
+ }
+
+ protected static function getKey(): string {
+ global $config;
+ $admin_pwd_hash = config::get('admin_pwd');
+ return salt_password("$admin_pwd_hash|{$_SERVER['REMOTE_ADDR']}");
+ }
+
+ public static function setCookie(): void {
+ global $config;
+ $key = self::getKey();
+ setcookie(self::COOKIE_NAME, $key, time() + self::SESSION_TIMEOUT, '/', $config['cookie_host']);
+ }
+
+ public static function unsetCookie(): void {
+ global $config;
+ setcookie(self::COOKIE_NAME, null, -1, '/', $config['cookie_host']);
+ }
+
+ public static function logAuth(): void {
+ getDb()->insert('admin_log', [
+ 'ts' => time(),
+ 'ip' => ip2ulong($_SERVER['REMOTE_ADDR']),
+ 'ua' => $_SERVER['HTTP_USER_AGENT'] ?? '',
+ ]);
+ }
+
+
+}
+ |
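Review bot: In `_verifyKey()` the `return true;` is not governed by the brace-less `if ($cookie !== self::getKey())`, so any request that carries an `admin_key` cookie, whatever its value, makes `isAdmin()` return true; the mismatch branch only clears the cookie. The mismatch path should return false, and the comparison should use `hash_equals()` rather than `!==`; the `===` in `checkPassword()` has the same timing concern. `setCookie()` sends the key without `HttpOnly`, `Secure` or `SameSite`, which the options-array form of `setcookie()` can set. Because the key is derived only from the stored password hash and `REMOTE_ADDR`, `SESSION_TIMEOUT` is enforced by the browser alone and a captured cookie appears to stay valid from that address until the password changes, which deserves at least a comment. `salt_password()` and `config::get()` are defined outside this hunk, so the strength of the stored hash cannot be judged from here.

```php
    protected static function _verifyKey(): bool {
        if (!isset($_COOKIE[self::COOKIE_NAME]))
            return false;
        $cookie = (string)$_COOKIE[self::COOKIE_NAME];
        // Constant-time comparison; a mismatching cookie is rejected, not just cleared.
        if (!hash_equals(self::getKey(), $cookie)) {
            self::unsetCookie();
            return false;
        }
        return true;
    }

    // … unchanged: checkPassword(), getKey() …

    public static function setCookie(): void {
        global $config;
        setcookie(self::COOKIE_NAME, self::getKey(), [
            'expires' => time() + self::SESSION_TIMEOUT,
            'path' => '/',
            'domain' => $config['cookie_host'],
            'secure' => true, // assumes the admin area is only served over HTTPS
            'httponly' => true,
            'samesite' => 'Lax',
        ]);
    }
```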