From: Vincent Vanwaelscappel
Date: Wed, 15 May 2024 11:43:30 +0000 (+0200)
Subject: wip #6899 @1.5
X-Git-Url: http://git.cubedesigners.com/?a=commitdiff_plain;h=c84086c0b0d941cffc1540f0494cfaf48796d08f;p=fluidbook-toolbox.git
wip #6899 @1.5
---
diff --git a/app/Fluidbook/Compiler/Secure.php b/app/Fluidbook/Compiler/Secure.php
index 44464769c..3f5bc39fd 100644
--- a/app/Fluidbook/Compiler/Secure.php
+++ b/app/Fluidbook/Compiler/Secure.php
@@ -21,17 +21,26 @@ trait Secure
 protected function _getSecureUsers()
 {
 $credentials = Text::explodeNewLines(trim($this->fluidbookSettings->secureClientSidePasswordCredentials));
- $credentials[] = 'fluidbook:LatacaM4##*';
+ if ($this->fluidbookSettings->secureClientSideMode == '1') {
+ $credentials[] = 'fluidbook';
+ } else {
+ $credentials[] = 'fluidbook:LatacaM4##*';
+ }
 $users = [];
 foreach ($credentials as $credential) {
 $salt = bin2hex(random_bytes(5));
 $e = explode(':', $credential);
- if (count($e) <= 1) {
+ if ($this->fluidbookSettings->secureClientSideMode == '0' && count($e) <= 1) {
 continue;
 }
 $usersalt = bin2hex(random_bytes(5));
 $user = hash("sha256", $usersalt . '+' . mb_strtolower($e[0]));
- $users[$user] = ['salt' => $salt, 'usersalt' => $usersalt, 'hash' => hash("sha256", $salt . '-' . Text::removeAccents($e[1]))];
+ $u = ['salt' => $salt, 'usersalt' => $usersalt];
+ if (count($e) > 1 && $this->fluidbookSettings->secureClientSideMode != '0') {
+ $u['hash'] = hash("sha256", $salt . '-' . Text::removeAccents($e[1]));
+ }
+ $users[$user] = $u;
+
 }
 return $users;
 }
@@ -89,7 +98,8 @@ trait Secure
 $variables['FORM_USERNAME'] = $locale['Username'] ?? 'Username';
 $variables['FORM_PASSWORD'] = $locale['Password'] ?? 'Password';
 $variables['FORM_SIGN_IN'] = $locale['Sign in'] ?? 'Sign in';
- $variables['CODE'] = '
+ if ($this->fluidbookSettings->secureClientSideMode == '0') {
+ $variables['CODE'] = '
 $(function(){
 $(\'form\').on(\'submit\', function (e) {
 e.preventDefault();
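Review bot: The guard on `$u['hash']` in `_getSecureUsers()` looks inverted: the hash is written only when `secureClientSideMode != '0'`, so mode `'0'` (username and password) emits no password hash, while the username-only mode still hashes and publishes any password present in the credential list. If the mode-`'0'` script outside this hunk compares against `data.hash`, every login in that mode would fail; the guard should read `if (count($e) > 1 && $this->fluidbookSettings->secureClientSideMode == '0') {`. Separately, the built-in `fluidbook` account remains a literal in source that is appended to every publication's user list; reading it from deployment configuration would let it be rotated or disabled per publication.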
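Review bot: The test `if ($this->fluidbookSettings->secureClientSideMode == '0')` makes the password form the special case and the username-only script the fallback, so any value other than `'0'` selects the weaker mode; that would include an unset setting on a publication saved before this field existed, if the `'0'` default is not applied on read. Test for the weaker mode explicitly and let everything else fall through to the password check, e.g. `if ($this->fluidbookSettings->secureClientSideMode !== '1') {` (after confirming the stored value is a string). `_getSecureUsers()` in the previous hunk mixes `== '1'`, `== '0'` and `!= '0'` and should use the same single test. The enclosing method starts before this hunk and continues after it.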
@@ -116,6 +126,30 @@ trait Secure
 return false;
 });
 });';
+ } else {
+ $variables['CODE'] = '
+ $(function(){
+ $(\'form\').on(\'submit\', function (e) {
+ e.preventDefault();
+
+ var u = $("#username").val().toLowerCase();
+ var error = true;
+ $.each(CREDENTIALS, function (user, data) {
+ let hu = forge_sha256(data.usersalt + \'+\' + u);
+
+ if (hu === user) {
+ error = false;
+ window.sessionStorage.setItem(\'secureUsername\', u);
+ window.location = \'index.html\';
+ }
+ });
+ if (error) {
+ $("#message").text(\'' . addcslashes($locale['User unknown'] ?? 'User unknown', "'") . '\');
+ }
+ return false;
+ });
+ });';
+ }
 $variables['CSS'] = $this->fluidbookSettings->secureClientSideStyles;
 $this->fluidbookSettings->secureClientSideFont = $this->fluidbookSettings->secureClientSideFont ?: 'OpenSans';
 $this->addFontKit($this->fluidbookSettings->secureClientSideFont);
diff --git a/app/Models/Traits/PublicationSettings.php b/app/Models/Traits/PublicationSettings.php
index 82b474942..e51689cf8 100644
--- a/app/Models/Traits/PublicationSettings.php
+++ b/app/Models/Traits/PublicationSettings.php
@@ -1798,6 +1798,7 @@ trait PublicationSettings
 protected function _securePage()
 {
 $this->addSettingField('section_securepage', FormSection::class, $this->__('Sécurisation par une page de login'));
+ $this->addSettingField('secureClientSideMode', SelectFromArray::class, __('Mode de d\'authentification'), ['default' => '0', 'options' => ['0' => __('Nom d\'utilisateur et un mot de passe'), '1' => __('Nom d\'utilisateur uniquement')]]);
 $this->addSettingField('secureClientSidePassword', FilesOrURL::class, __('Template HTML'), [
 'v2' => '{"type":"freefile","label":"S\\u00e9curisation par mot de passe c\\u00f4t\\u00e9 client","editable":true,"default":"","grade":3,"fileFilter":{"name":"\\u00a7!\\u00a7Fichier HTML!\\u00a7! (*.html)","extensions":"*.html"}}',
 'accept' => self::$acceptHTML,
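Review bot: The translated message is spliced into a single-quoted JavaScript literal with `addcslashes(..., "'")`, which escapes only the quote character, so a backslash or line break in a translation would corrupt the generated script. Let PHP emit the whole literal instead: `$("#message").text(' . json_encode($locale['User unknown'] ?? 'User unknown', JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP) . ');`. A comment on this branch should also state that mode `'1'` only identifies the reader, because the comparison runs in the browser against data shipped in `CREDENTIALS`. The typed value stored under `secureUsername` should be treated as untrusted text by whatever reads it later. The mode-`'0'` script above this hunk is only partly visible and may build its messages the same way.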
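Review bot: The new field label `Mode de d'authentification` has a stray `de`; since the string is also the translation key, it is cheaper to correct now: `__('Mode d\'authentification')`. The label for option `'1'` could also say that no password is checked in that mode, because selecting it weakens the publication's login page. `_securePage()` continues past the end of this hunk.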