lib/admin.php


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51

<?php

require_once 'lib/stored_config.php';

const ADMIN_SESSION_TIMEOUT = 86400 * 14;
const ADMIN_COOKIE_NAME = 'admin_key';

function is_admin(): bool {
    static $is_admin = null;
    if (is_null($is_admin))
        $is_admin = _admin_verify_key();
    return $is_admin;
}

function _admin_verify_key(): bool {
    if (isset($_COOKIE[ADMIN_COOKIE_NAME])) {
        $cookie = (string)$_COOKIE[ADMIN_COOKIE_NAME];
        if ($cookie !== _admin_get_key())
            admin_unset_cookie();
        return true;
    }
    return false;
}

function admin_check_password(string $pwd): bool {
    return salt_password($pwd) === scGet('admin_pwd');
}

function _admin_get_key(): string {
    $admin_pwd_hash = scGet('admin_pwd');
    return salt_password("$admin_pwd_hash|{$_SERVER['REMOTE_ADDR']}");
}

function admin_set_cookie(): void {
    global $config;
    $key = _admin_get_key();
    setcookie(ADMIN_COOKIE_NAME, $key, time() + ADMIN_SESSION_TIMEOUT, '/', $config['cookie_host']);
}

function admin_unset_cookie(): void {
    global $config;
    setcookie(ADMIN_COOKIE_NAME, '', 1, '/', $config['cookie_host']);
}

function admin_log_auth(): void {
    DB()->insert('admin_log', [
        'ts' => time(),
        'ip' => ip2ulong($_SERVER['REMOTE_ADDR']),
        'ua' => $_SERVER['HTTP_USER_AGENT'] ?? '',
    ]);
}