| author | horus_arch | 2017-02-20 13:48:50 +0100 |
|---|---|---|
| committer | horus_arch | 2017-02-20 13:48:50 +0100 |
| commit | 5fd2250f7c9a5be373e5c71f50d0c1e001f80322 (patch) | |
| tree | 4002d553fa82dbf79ca347f1ad0a3d02934b8726 /intern.gospeladlershof.de | |
| parent | c6cee4ef99447082d0dc64791f35cdfe40c9d810 (diff) | |
| download | gospeladlershof.de-5fd2250f7c9a5be373e5c71f50d0c1e001f80322.tar.gz | |
Testet Passwordless-Login.
Diffstat (limited to 'intern.gospeladlershof.de')
| -rw-r--r-- | intern.gospeladlershof.de/check_login.php | 42 | ||||
| -rw-r--r-- | intern.gospeladlershof.de/code/check_login.php | 37 | ||||
| -rw-r--r-- | intern.gospeladlershof.de/code/login.php | 79 | ||||
| -rw-r--r-- | intern.gospeladlershof.de/code/send_email.php | 11 | ||||
| -rw-r--r-- | intern.gospeladlershof.de/code/template/html_mail.php | 250 | ||||
| -rw-r--r-- | intern.gospeladlershof.de/code/template/text_mail.php | 10 | ||||
| -rw-r--r-- | intern.gospeladlershof.de/login.php | 8 |
7 files changed, 404 insertions, 33 deletions
diff --git a/intern.gospeladlershof.de/check_login.php b/intern.gospeladlershof.de/check_login.php
new file mode 100644
index 0000000..e812a99
--- /dev/null
+++ b/intern.gospeladlershof.de/check_login.php
@@ -0,0 +1,42 @@
+<?php
+define('LOGIN_SITE', true);
+require_once __DIR__ . '/code/session.php';
+$title="Login";
+require_once __DIR__ . '/header.php';
+?>
+ <body>
+
+ <div class="container">
+
+ <form class="form-signin" method="POST" action="/code/check_login.php">
+
+<?php
+if ( ! empty($_SESSION) ) {
+ if ( isset($_SESSION["login"]) && $_SESSION["login"]){
+ header($_SERVER["SERVER_PROTOCOL"] . " 302 Redirect");
+ header("Location: /");
+ exit;
+ }
+ if ( !is_null($_SESSION["error"]) ) {
+?>
+<div class="alert alert-danger" role="alert">
+<?php
+ echo htmlentities($_SESSION["error"]);
+ unset($_SESSION["error"]);
+?>
+</div>
+<?php
+ }
+}
+?>
+ <h2 class="form-signin-heading">Login</h2>
+ <label for="inputEmail" class="sr-only">Authentifizierung</label>
+ <input name="text" type="text" id="auth_code" class="form-control" placeholder="Der Code aus der E-Mail-Adresse" required autofocus>
+ <span class="help-block">Du hast einen Code aus der E-Mail enthalten. Trag ihn hier ein.</span>
+ <button class="btn btn-lg btn-primary btn-block" type="submit">Lass mich rein</button>
+ </form>
+
+ </div> <!-- /container -->
+<?php
+require_once __DIR__ . '/footer.php';
+?>
diff --git a/intern.gospeladlershof.de/code/check_login.php b/intern.gospeladlershof.de/code/check_login.php
new file mode 100644
index 0000000..0ea8ecd
--- /dev/null
+++ b/intern.gospeladlershof.de/code/check_login.php
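Review bot: The code field is submitted as `name="text"` and the form carries no e-mail value, while the handler added in code/check_login.php reads `$_REQUEST["email"]` and `$_REQUEST["hash"]`, so a code typed here never reaches the comparison. Rename the input to `name="hash"` and let the handler take the address from `$_SESSION["user"]`, which code/login.php already sets, rather than from a client-supplied field. `!is_null($_SESSION["error"])` reads a key that may be absent; `isset($_SESSION["error"])` avoids the notice. The label's `for="inputEmail"` does not match the input's `id="auth_code"`.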
@@ -0,0 +1,37 @@
+<?php
+
+define("LOGIN_SITE", true);
+require_once __DIR__ . '/session.php';
+require_once __DIR__ . '/../vendor/autoload.php';
+
+$mail = strtolower($_REQUEST["email"]);
+$hash = $_REQUEST["hash"];
+
+$redis = new Predis\Client([
+ 'scheme' => 'tcp',
+ 'host' => '192.168.122.1',
+ 'port' => 6379,
+ 'database' => 2,
+]);
+
+$correct_hash = $redis->get($mail);
+
+if ( $hash === $correct_hash ) {
+ $_SESSION["login"] = true;
+ $_SESSION["success"] = "Erfolgreich eingeloggt.";
+ $_SESSION["user"] = $mail;
+
+ $_SESSION["dontdisplaydeploybutton"] = 1;
+
+ header($_SERVER["SERVER_PROTOCOL"] . " 302 Redirect");
+ header("Location: /");
+
+ exit;
+} else {
+
+ $_SESSION["login"] = false;
+ $_SESSION["error"] = "Entweder kennen wir deine E-Mail nicht oder du hast den Code falsch kopiert.";
+
+ header($_SERVER["SERVER_PROTOCOL"] . " 302 Redirect");
+ header("Location: /login.php");
+}
diff --git a/intern.gospeladlershof.de/code/login.php b/intern.gospeladlershof.de/code/login.php
index ba41b1c..002ddd3 100644
--- a/intern.gospeladlershof.de/code/login.php
+++ b/intern.gospeladlershof.de/code/login.php
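Review bot: The check `$hash === $correct_hash` succeeds when both sides are null, which is the case whenever the request carries no `hash` and Redis holds no entry for the address, so the session is marked logged in although no code was ever issued. Require both parameters to be non-empty strings and the stored value to be a string, compare with `hash_equals()`, and delete the key after a successful match so a code works once rather than for the full 24 hours. Regenerating the session id at the moment of login is worth adding as well; session.php is not shown, so that may already happen there. The failure branch should end with `exit` like the success branch.

```php
$mail = isset($_REQUEST["email"]) && is_string($_REQUEST["email"]) ? strtolower($_REQUEST["email"]) : "";
$hash = isset($_REQUEST["hash"]) && is_string($_REQUEST["hash"]) ? $_REQUEST["hash"] : "";

// … unchanged: Predis client setup …

// Only look up a stored code when the request actually supplied both values.
$correct_hash = ($mail !== "" && $hash !== "") ? $redis->get($mail) : null;

if ( is_string($correct_hash) && hash_equals($correct_hash, $hash) ) {
    $redis->del($mail);          // the code is single-use
    session_regenerate_id(true); // new session id for the authenticated session
    $_SESSION["login"] = true;
    // … unchanged: remaining session fields and redirect to / …
```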
@@ -2,45 +2,71 @@ define("LOGIN_SITE", true); require_once __DIR__ . '/session.php'; +require_once __DIR__ . '/../vendor/autoload.php'; +use Pheanstalk\Pheanstalk; -$mail = $_REQUEST["email"]; +$mail = strtolower($_REQUEST["email"]); $passwd = hash("sha512", $_REQUEST["password"]); $addresses= file(__DIR__ . "/../../intern/chor_list_members.txt", FILE_IGNORE_NEW_LINES); -if ( "2397be3187f0ab864802fbe2b6c3207a01328988d524973d4eeaa48928410a2588263882e37e68363691fd8d7c3c83e8ebe46166bee13404ae61484c13b55e1f" === $passwd || - "319e789e0fa1867bb08b197b306cc48aa0a109511f5e36dbdd1ed642cda8b7f222b0b6a31a43d2302d17562734d40eeb1f85cb99b4bf3101b3c7cef490d89ed2" === $passwd || - "bf3da3d012e3ed51eeae20f3d5e37e655dfb9a0a1bcf29fec7d9ff425547de2388d21a4395019e0d433beb1b7f5a9f730535ea85b2ba6de7eb0d84aafb76902a" === $passwd || - "373a3dd664c54f99059c4801f3807bdc16c4c22f208a05a5a3d8e990c3e76d4a96c27ebe6aa2b8db1ca02eee3d5e5a458dc5819e3852952f5b7d5f3e631b6fcf" === $passwd -) { +foreach($addresses as $a) { -/* -if ( $mail === "Chor" || "chor" === $mail ) { - $_SESSION["login"] = true; - $_SESSION["success"] = "Erfolgreich eingeloggt. Der Nutzername 'chor' wird bald deaktiviert. Bitte benutze deine E-Mail-Adresse als Login-Name."; + if ( $mail === strtolower($a) ) { + $hash = chr( mt_rand( 97 ,122 ) ) .substr( md5( time( ) ) ,1 ); + ob_start(); + require __DIR__ . '/template/html_mail.php'; + $htmlmessage = ob_get_clean(); - $_SESSION["dontdisplaydeploybutton"] = 1; - $_SESSION["user"] = $mail; + ob_start(); + require __DIR__ . 'template/text_mail.php'; + $textmessage = ob_get_clean(); - header($_SERVER["SERVER_PROTOCOL"] . 
" 302 Redirect"); - header("Location: /"); + $redis = new Predis\Client([ + 'scheme' => 'tcp', + 'host' => '192.168.122.1', + 'port' => 6379, + 'database' => 2, + ]); - exit; + $redis->set($mail, $hash, "ex", 86400); // hält den Wert für 24h + + $pheanstalk = new Pheanstalk('192.168.122.1'); + + $data = array( + 'To' => $mail, + 'Name' => 'Gospelchor Adlershof', + 'From' => 'noreply@gospeladlershof.de', + 'ReplyTo' => 'webmaster@gospeladlershof.de', + 'Subject' => 'Gospelchor Adlershof | Login', + 'HTMLMessage' => $htmlmessage, + 'TextMessage' => $textmessage, + ); + + $pheanstalk + ->useTube('contactme_mailer') + ->put(json_encode($data)); + + $_SESSION["user"] = $mail; + + error_log(json_encode($data)); + } } - */ - foreach($addresses as $a) { - if ( strtolower($mail) === strtolower($a) ) { - $_SESSION["login"] = true; - $_SESSION["success"] = "Erfolgreich eingeloggt."; - $_SESSION["dontdisplaydeploybutton"] = 1; - $_SESSION["user"] = $mail; +header($_SERVER["SERVER_PROTOCOL"] . " 302 Redirect"); +header("Location: /check_login.php"); + + /* + $_SESSION["login"] = true; + $_SESSION["success"] = "Erfolgreich eingeloggt."; + + $_SESSION["dontdisplaydeploybutton"] = 1; + $_SESSION["user"] = $mail; - header($_SERVER["SERVER_PROTOCOL"] . " 302 Redirect"); - header("Location: /"); + header($_SERVER["SERVER_PROTOCOL"] . " 302 Redirect"); + header("Location: /"); - exit; - } + exit; } } @@ -49,3 +75,4 @@ $_SESSION["error"] = "E-Mail oder Passwort stimmmen nicht überein."; header($_SERVER["SERVER_PROTOCOL"] . " 302 Redirect"); header("Location: /login.php"); + */ diff --git a/intern.gospeladlershof.de/code/send_email.php b/intern.gospeladlershof.de/code/send_email.php new file mode 100644 index 0000000..72cd25f --- /dev/null +++ b/intern.gospeladlershof.de/code/send_email.php 
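Review bot: The login code is built as `chr( mt_rand( 97 ,122 ) ) .substr( md5( time( ) ) ,1 )`, i.e. one letter from a non-cryptographic generator followed by the MD5 of the current second, so it holds almost no secret entropy for anyone who knows roughly when the mail was requested. Generate it with `$hash = bin2hex(random_bytes(16));` (PHP 7+) instead. `error_log(json_encode($data))` writes both mail bodies, including the code, to the log and should be dropped or reduced to the recipient address. `require __DIR__ . 'template/text_mail.php';` lacks the leading slash used for the HTML template a few lines above, so the path does not point into code/template/. Nothing visible limits how often a code can be requested per address, and the second hunk of this file (`@@ -49,3 +75,4 @@`) only closes the comment around the old password branch, which could be deleted outright.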
@@ -0,0 +1,11 @@
+<?php
+
+require_once __DIR__ . '/../vendor/autoload.php';
+
+use Pheanstalk\Pheanstalk;
+
+$pheanstalk = new Pheanstalk('192.168.122.1');
+
+$pheanstalk
+ ->useTube('testtube')
+ ->put($data);
diff --git a/intern.gospeladlershof.de/code/template/html_mail.php b/intern.gospeladlershof.de/code/template/html_mail.php
new file mode 100644
index 0000000..0389e64
--- /dev/null
+++ b/intern.gospeladlershof.de/code/template/html_mail.php
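Review bot: `$data` is never defined in this file, so `->put($data)` only works if another script sets it before including this one, and nothing in this diff includes it. Because the file sits in code/ next to the request handlers, it is probably reachable over HTTP, in which case any request opens a beanstalkd connection and tries to queue a job on `testtube`. If it is only a test stub, leave it out of the commit or move it outside the web root; otherwise wrap the logic in a function that takes the payload as a parameter.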
@@ -0,0 +1,250 @@
+<!doctype html>
+<html>
+<head>
+<meta name="viewport" content="width=device-width">
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+<title>Gospelchor Adlershof | Login</title>
+<style>
+/* -------------------------------------
+ GLOBAL
+------------------------------------- */
+* {
+ font-family: "Helvetica Neue", "Helvetica", Helvetica, Arial, sans-serif;
+ font-size: 100%;
+ line-height: 1.6em;
+ margin: 0;
+ padding: 0;
+}
+
+img {
+ max-width: 600px;
+ width: 100%;
+}
+
+body {
+ -webkit-font-smoothing: antialiased;
+ height: 100%;
+ -webkit-text-size-adjust: none;
+ width: 100% !important;
+}
+
+
+/* -------------------------------------
+ ELEMENTS
+------------------------------------- */
+a {
+ color: #3083D6;
+}
+
+.btn-primary {
+ Margin-bottom: 10px;
+ width: auto !important;
+}
+
+.btn-primary td {
+ background-color: #3083D6;
+ border-radius: 25px;
+ font-family: "Helvetica Neue", Helvetica, Arial, "Lucida Grande", sans-serif;
+ font-size: 14px;
+ text-align: center;
+ vertical-align: top;
+}
+
+.btn-primary td a {
+ background-color: #3083D6;
+ border: solid 1px #3083D6;
+ border-radius: 25px;
+ border-width: 10px 20px;
+ display: inline-block;
+ color: #ffffff;
+ cursor: pointer;
+ font-weight: bold;
+ line-height: 2;
+ text-decoration: none;
+}
+
+.last {
+ margin-bottom: 0;
+}
+
+.first {
+ margin-top: 0;
+}
+
+.padding {
+ padding: 10px 0;
+}
+
+
+/* -------------------------------------
+ BODY
+------------------------------------- */
+table.body-wrap {
+ padding: 20px;
+ width: 100%;
+}
+
+table.body-wrap .container {
+ border: 1px solid #f0f0f0;
+}
+
+
+/* -------------------------------------
+ FOOTER
+------------------------------------- */
+table.footer-wrap {
+ clear: both !important;
+ width: 100%;
+}
+
+.footer-wrap .container p {
+ color: #666666;
+ font-size: 12px;
+
+}
+
+table.footer-wrap a {
+ color: #999999;
+}
+
+
+/* -------------------------------------
+ TYPOGRAPHY
+------------------------------------- */
+h1,
+h2,
+h3 {
+ color: #111111;
+ font-family: "Helvetica Neue", Helvetica, Arial, "Lucida Grande", sans-serif;
+ font-weight: 200;
+ line-height: 1.2em;
+ margin: 40px 0 10px;
+}
+
+h1 {
+ font-size: 36px;
+}
+h2 {
+ font-size: 28px;
+}
+h3 {
+ font-size: 22px;
+}
+
+p,
+ul,
+ol {
+ font-size: 14px;
+ font-weight: normal;
+ margin-bottom: 10px;
+}
+
+ul li,
+ol li {
+ margin-left: 5px;
+ list-style-position: inside;
+}
+
+/* ---------------------------------------------------
+ RESPONSIVENESS
+------------------------------------------------------ */
+
+/* Set a max-width, and make it display as block so it will automatically stretch to that width, but will also shrink down on a phone or something */
+.container {
+ clear: both !important;
+ display: block !important;
+ Margin: 0 auto !important;
+ max-width: 600px !important;
+}
+
+/* Set the padding on the td rather than the div for Outlook compatibility */
+.body-wrap .container {
+ padding: 20px;
+}
+
+/* This should also be a block element, so that it will fill 100% of the .container */
+.content {
+ display: block;
+ margin: 0 auto;
+ max-width: 600px;
+}
+
+/* Let's make sure tables in the content area are 100% wide */
+.content table {
+ width: 100%;
+}
+
+</style>
+</head>
+
+<body bgcolor="#f6f6f6">
+
+<!-- body -->
+<table class="body-wrap" bgcolor="#f6f6f6">
+ <tr>
+ <td></td>
+ <td class="container" bgcolor="#FFFFFF">
+
+ <!-- content -->
+ <div class="content">
+ <table>
+ <tr>
+ <td>
+ <h1>Gospelchor Adlershof</h1>
+ <p>Hallo,</p>
+ <p>um dich auf der Website des Gospelchors einzuloggen, folge bitte diesem Link:</p>
+ <!-- button -->
+ <table class="btn-primary" cellpadding="0" cellspacing="0" border="0">
+ <tr>
+ <td>
+ <a href="https://intern.gospeladlershof.de/code/check_login.php?email=<?php echo htmlentities($mail); ?>&hash=<?php echo $hash; ?>" title="Einloggen">Hier klicken um zur Website des Gospelchors zu kommen</a>
+ </td>
+ </tr>
+ </table>
+ <!-- /button -->
+ <p>Der Link verfällt innerhalb 24h.</p>
+ <p>Sollte der Link nicht funktionieren, dein Authentifizierungscode lautet <strong><?php echo $hash; ?></strong>.</p>
+ <!--p>Wenn du diese E-Mail nicht erwartet hast, bitte ignoriere sie.</p-->
+ <p>Viele Gr<?php echo htmlentities("üß"); ?>, <br>
+ der Gospelchor</p>
+ <p><a href="https://www.gospeladlershof.de/" title="Website des Gospelchors">Website des Gospelchors</a></p>
+ <p><a href="https://intern.iamfabulous.de/mailman/private/chor" title="Archiv der Mailing Liste">Archiv der Mailing Liste</a></p>
+ </td>
+ </tr>
+ </table>
+ </div>
+ <!-- /content -->
+
+ </td>
+ <td></td>
+ </tr>
+</table>
+<!-- /body -->
+
+<!-- footer -->
+<table class="footer-wrap">
+ <tr>
+ <td></td>
+ <td class="container">
+
+ <!-- content -->
+ <div class="content">
+ <table>
+ <tr>
+ <td align="center">
+ <p><a href="https://www.complicissimus.de/">Maximilian Möhring</a>
+ </p>
+ </td>
+ </tr>
+ </table>
+ </div>
+ <!-- /content -->
+
+ </td>
+ <td></td>
+ </tr>
+</table>
+<!-- /footer -->
+
+</body>
+</html>
diff --git a/intern.gospeladlershof.de/code/template/text_mail.php b/intern.gospeladlershof.de/code/template/text_mail.php
new file mode 100644
index 0000000..7e67be7
--- /dev/null
+++ b/intern.gospeladlershof.de/code/template/text_mail.php
@@ -0,0 +1,10 @@
+Hallo,
+
+um dich auf der Webseite des Gospelchors einzuloggen, folge bitte diesem Link:
+https://intern.gospeladlershof.de/code/check_login.php?email=<?php echo htmlentities($mail);>&hash=<?php echo $hash; ?>
+
+Der Link verfällt innerhalb 24h.
+Sollte der Link nicht funktionieren, dein Authentifizierungscode lautet <?php echo $hash; ?>.
+
+Viele Grüße,
+der Gospelchor
diff --git a/intern.gospeladlershof.de/login.php b/intern.gospeladlershof.de/login.php
index c9462f1..23c2695 100644
--- a/intern.gospeladlershof.de/login.php
+++ b/intern.gospeladlershof.de/login.php
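Review bot: The login link in html_mail.php places the address in a query string with `htmlentities($mail)`, which escapes for HTML but not for a URL, so an address containing `+` or `&` arrives changed in `$_REQUEST["email"]` and the lookup fails. Use `htmlspecialchars(rawurlencode($mail))` here and write the separator as `&amp;hash=`; text_mail.php carries the same link and needs `rawurlencode($mail)` without the HTML escaping. `htmlentities("üß")` in the greeting yields "Grüß," without the final "e" that the text template has.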
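Review bot: In text_mail.php the PHP block in the link line is closed with `;>` instead of `; ?>` (`<?php echo htmlentities($mail);>`), so the template does not parse and the `require` in code/login.php will fail once its path is corrected. The line should read `...check_login.php?email=<?php echo rawurlencode($mail); ?>&hash=<?php echo $hash; ?>`. Sending the code in a GET link also puts it into access logs and browser history; a short lifetime and single use on the server side limit that exposure.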
@@ -32,13 +32,7 @@ if ( ! empty($_SESSION) ) { <h2 class="form-signin-heading">Bitte melde dich an</h2> <label for="inputEmail" class="sr-only">E-Mail Adresse</label> <input name="email" type="email" id="inputEmail" class="form-control" placeholder="E-Mail-Adresse" required autofocus> - <label for="inputPassword" class="sr-only">Passwort</label> - <input name="password" type="password" id="inputPassword" class="form-control" placeholder="Passwort" required> - <!--div class="checkbox"> - <label> - <input type="checkbox" value="remember-me"> Bleib angemeldet - </label> - </div--> + <span class="helper-block">Es wird dir eine E-Mail an dieselbe Adresse geschickt, mit der du auch die anderen E-Mails des Chors liest.</span> <button class="btn btn-lg btn-primary btn-block" type="submit">Lass mich rein</button> </form> |
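Review bot: The new hint uses `class="helper-block"`, while the form added in check_login.php in this same commit uses `class="help-block"` for the same kind of text, so one of the two is presumably unstyled. Use `help-block` in both places unless a `helper-block` rule exists in a stylesheet not shown here. The hunk covers only part of the form; the surrounding markup lies outside it.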
