DVL-012 #121 Password protect the devilbox intranet

2025-01-18 02:40:04 +00:00 · 2017-09-09 10:40:07 +02:00 · 2017-09-09 10:40:07 +02:00 · 63e1acc02a
commit 63e1acc02a
parent 0c4290b0c4
27 changed files with 327 additions and 80 deletions
--- a/.devilbox/www/config.php
+++ b/.devilbox/www/config.php
@ -2,6 +2,9 @@
 // Measure time
 $TIME_START = microtime(true);

+// Start session
+session_start();
+
 // Turn on all PHP errors
 error_reporting(-1);

--- a/.devilbox/www/htdocs/_ajax_callback.php
+++ b/.devilbox/www/htdocs/_ajax_callback.php
@ -1,7 +1,9 @@
 <?php
 require '../config.php';

-if (isset($_GET['database'])) {
+if (loadClass('Helper')->isLoggedIn()) {
+
+	if (isset($_GET['database'])) {
 		if (isset($_GET['type']) && $_GET['type'] == 'mysql') {
 			echo json_encode(array(
 				'size' 	=> (string)loadClass('Mysql')->getDBSize($_GET['database']),
@ -14,6 +16,12 @@ if (isset($_GET['database'])) {
 				'table'	=> (string)loadClass('Pgsql')->getTableCount($_GET['database'], $schema)
 			));
 		}
-} else if (isset($_GET['vhost'])) {
+	} else if (isset($_GET['vhost'])) {
 		echo loadClass('Httpd')->checkVirtualHost($_GET['vhost']);
+	} else {
+		loadClass('Helper')->redirect('/');
+	}
+
+} else {
+	loadClass('Helper')->redirect('/');
 }
--- a/.devilbox/www/htdocs/assets/css/custom.css
+++ b/.devilbox/www/htdocs/assets/css/custom.css
@ -193,3 +193,39 @@ td.break-word {
 .pages {
 	z-index:1000;
 }
+
+
+
+/* login.php;
+-------------------------------------------------- */
+/* Extra markup and styles for table-esque vertical and horizontal centering */
+.site-wrapper {
+	display: table;
+	width: 100%;
+	height: 100%; /* For at least Firefox */
+	min-height: 100%;
+	-webkit-box-shadow: inset 0 0 5rem rgba(0,0,0,.5);
+	box-shadow: inset 0 0 5rem rgba(0,0,0,.5);
+}
+.site-wrapper-inner {
+	display: table-cell;
+	vertical-align: top;
+}
+.cover-container {
+	margin-right: auto;
+	margin-left: auto;
+}
+/* Affix and center */
+@media (min-width: 40em) {
+	/* Start the vertical centering */
+	.site-wrapper-inner {
+		vertical-align: middle;
+	}
+}
+@media (min-width: 62em) {
+	.masthead,
+	.mastfoot,
+	.cover-container {
+		width: 32rem;
+	}
+}
--- a/.devilbox/www/htdocs/credits.php
+++ b/.devilbox/www/htdocs/credits.php
@ -1,4 +1,5 @@
 <?php require '../config.php'; ?>
+<?php loadClass('Helper')->authPage(); ?>
 <!DOCTYPE html>
 <html lang="en">
 	<head>
--- a/.devilbox/www/htdocs/db_memcd.php
+++ b/.devilbox/www/htdocs/db_memcd.php
@ -1,4 +1,5 @@
 <?php require '../config.php'; ?>
+<?php loadClass('Helper')->authPage(); ?>
 <!DOCTYPE html>
 <html lang="en">
 	<head>
--- a/.devilbox/www/htdocs/db_mongo.php
+++ b/.devilbox/www/htdocs/db_mongo.php
@ -1,4 +1,5 @@
 <?php require '../config.php'; ?>
+<?php loadClass('Helper')->authPage(); ?>
 <!DOCTYPE html>
 <html lang="en">
 	<head>
--- a/.devilbox/www/htdocs/db_mysql.php
+++ b/.devilbox/www/htdocs/db_mysql.php
@ -1,4 +1,5 @@
 <?php require '../config.php'; ?>
+<?php loadClass('Helper')->authPage(); ?>
 <?php
 // Also required for JS calls (see bottom of this page)
 $len_table = 4;
--- a/.devilbox/www/htdocs/db_pgsql.php
+++ b/.devilbox/www/htdocs/db_pgsql.php
@ -1,4 +1,5 @@
 <?php require '../config.php'; ?>
+<?php loadClass('Helper')->authPage(); ?>
 <?php
 // Also required for JS calls (see bottom of this page)
 $len_table = 4;
--- a/.devilbox/www/htdocs/db_redis.php
+++ b/.devilbox/www/htdocs/db_redis.php
@ -1,4 +1,5 @@
 <?php require '../config.php'; ?>
+<?php loadClass('Helper')->authPage(); ?>
 <!DOCTYPE html>
 <html lang="en">
 	<head>
--- a/.devilbox/www/htdocs/debug.php
+++ b/.devilbox/www/htdocs/debug.php
@ -1,4 +1,5 @@
 <?php require '../config.php'; ?>
+<?php loadClass('Helper')->authPage(); ?>
 <!DOCTYPE html>
 <html lang="en">
 	<head>
--- a/.devilbox/www/htdocs/index.php
+++ b/.devilbox/www/htdocs/index.php
@ -1,4 +1,5 @@
 <?php require '../config.php'; ?>
+<?php loadClass('Helper')->authPage(); ?>
 <?php

 /*********************************************************************************
--- a/.devilbox/www/htdocs/info_httpd.php
+++ b/.devilbox/www/htdocs/info_httpd.php
@ -1,4 +1,5 @@
 <?php require '../config.php'; ?>
+<?php loadClass('Helper')->authPage(); ?>
 <!DOCTYPE html>
 <html lang="en">
 	<head>
--- a/.devilbox/www/htdocs/info_memcd.php
+++ b/.devilbox/www/htdocs/info_memcd.php
@ -1,4 +1,5 @@
 <?php require '../config.php'; ?>
+<?php loadClass('Helper')->authPage(); ?>
 <!DOCTYPE html>
 <html lang="en">
 	<head>
--- a/.devilbox/www/htdocs/info_mongo.php
+++ b/.devilbox/www/htdocs/info_mongo.php
@ -1,4 +1,5 @@
 <?php require '../config.php'; ?>
+<?php loadClass('Helper')->authPage(); ?>
 <!DOCTYPE html>
 <html lang="en">
 	<head>
--- a/.devilbox/www/htdocs/info_mysql.php
+++ b/.devilbox/www/htdocs/info_mysql.php
@ -1,4 +1,5 @@
 <?php require '../config.php'; ?>
+<?php loadClass('Helper')->authPage(); ?>
 <!DOCTYPE html>
 <html lang="en">
 	<head>
--- a/.devilbox/www/htdocs/info_pgsql.php
+++ b/.devilbox/www/htdocs/info_pgsql.php
@ -1,4 +1,5 @@
 <?php require '../config.php'; ?>
+<?php loadClass('Helper')->authPage(); ?>
 <!DOCTYPE html>
 <html lang="en">
 	<head>
--- a/.devilbox/www/htdocs/info_php.php
+++ b/.devilbox/www/htdocs/info_php.php
@ -1,4 +1,5 @@
 <?php require '../config.php'; ?>
+<?php loadClass('Helper')->authPage(); ?>
 <!DOCTYPE html>
 <html lang="en">
 	<head>
--- a/.devilbox/www/htdocs/info_redis.php
+++ b/.devilbox/www/htdocs/info_redis.php
@ -1,4 +1,5 @@
 <?php require '../config.php'; ?>
+<?php loadClass('Helper')->authPage(); ?>
 <!DOCTYPE html>
 <html lang="en">
 	<head>
--- a/.devilbox/www/htdocs/login.php
+++ b/.devilbox/www/htdocs/login.php
@ -0,0 +1,66 @@
+<?php require '../config.php'; ?>
+<?php
+
+// If login protection is disabled or user has already logged in
+if (loadClass('Helper')->isloggedIn()) {
+	loadClass('Helper')->redirect('/');
+}
+
+// Validate $_POST login
+
+$login_error = '';
+
+if (isset($_POST['username']) && isset($_POST['password'])) {
+
+	// Auth successful
+	if (loadClass('Helper')->login($_POST['username'], $_POST['password'])) {
+		loadClass('Helper')->redirect('/');
+	}
+	$login_error = 'Wrong username or password';
+
+}
+
+?>
+<!DOCTYPE html>
+<html lang="en" style="height: 100%;min-height: 100%;">
+	<head>
+		<?php echo loadClass('Html')->getHead(true); ?>
+	</head>
+
+	<body style="height: 100%; min-height: 100%; text-align: center; color: #fff; text-shadow: 0 .05rem .1rem rgba(0,0,0,.5); background: #1f1f1f; margin-bottom:0 !important;">
+
+		<div class="site-wrapper">
+			<div class="site-wrapper-inner">
+				<div class="cover-container">
+					<div class="container">
+						<div class="inner cover">
+
+							<img src="/assets/img/devilbox_80.png" style="width:60%; padding-bottom:20px;"/>
+							<h1 class="cover-heading">Devilbox Login</h1>
+
+							<div class="text-danger"><?php echo $login_error; ?></div>
+							<form method="POST">
+								<div class="form-group row">
+									<div class="col-sm-12">
+										<input type="text" class="form-control" id="inputUsername" placeholder="Username" name="username" value="<?php echo isset($_POST['username']) ? $_POST['username'] : ''; ?>">
+									</div>
+								</div>
+								<div class="form-group row">
+									<div class="col-sm-12">
+										<input type="password" class="form-control" id="inputPassword" placeholder="Password" name="password">
+									</div>
+								</div>
+								<div class="form-group row">
+									<div class="col-sm-12">
+										<button type="submit" class="btn btn-primary">Sign in</button>
+									</div>
+								</div>
+							</form>
+
+						</div>
+					</div>
+				</div>
+			</div>
+		</div>
+	</body>
+</html>
--- a/.devilbox/www/htdocs/logout.php
+++ b/.devilbox/www/htdocs/logout.php
@ -0,0 +1,11 @@
+<?php require '../config.php'; ?>
+<?php
+
+if (isset($_GET['id'])) {
+	if ($_GET['id'] == session_id()) {
+		loadClass('Helper')->logout();
+		loadClass('Helper')->redirect('/login.php');
+	}
+}
+
+loadClass('Helper')->redirect('/');
--- a/.devilbox/www/htdocs/mail.php
+++ b/.devilbox/www/htdocs/mail.php
@ -1,5 +1,6 @@
+<?php require '../config.php';  ?>
+<?php loadClass('Helper')->authPage(); ?>
 <?php
-require '../config.php';

 //
 // $_POST submit for sending a test email
--- a/.devilbox/www/htdocs/opcache.php
+++ b/.devilbox/www/htdocs/opcache.php
@ -1,4 +1,5 @@
 <?php require '../config.php'; ?>
+<?php loadClass('Helper')->authPage(); ?>
 <?php

 /**
--- a/.devilbox/www/htdocs/vhosts.php
+++ b/.devilbox/www/htdocs/vhosts.php
@ -1,4 +1,5 @@
 <?php require '../config.php'; ?>
+<?php loadClass('Helper')->authPage(); ?>
 <!DOCTYPE html>
 <html lang="en">
 	<head>
--- a/.devilbox/www/include/lib/Helper.php
+++ b/.devilbox/www/include/lib/Helper.php
@ -172,4 +172,64 @@ class Helper
 		exec($cmd, $output, $exit_code);
 		return implode ("\n", $output);
 	}
+
+
+	public function redirect($url)
+	{
+		header('Location: '.$url);
+		exit;
+	}
+
+
+	/*********************************************************************************
+	 *
+	 * Login Helper Functions
+	 *
+	 *********************************************************************************/
+
+	public function login($username, $password)
+	{
+		$dvl_password = loadClass('Helper')->getEnv('DEVILBOX_UI_PASSWORD');
+
+		if ($username == 'devilbox' && $password == $dvl_password) {
+			$_SESSION['auth'] = 1;
+			return true;
+		}
+		return false;
+	}
+	public function logout()
+	{
+		if (isset($_SESSION['auth'])) {
+			$_SESSION['auth'] = 0;
+			unset($_SESSION['auth']);
+		}
+	}
+	public function isLoginProtected()
+	{
+		// No password protection enabled
+		if (loadClass('Helper')->getEnv('DEVILBOX_UI_PROTECT') != 1) {
+			return false;
+		}
+		return true;
+
+	}
+	public function isloggedIn()
+	{
+		// No password protection enabled
+		if (!$this->isLoginProtected()) {
+			return true;
+		}
+
+		// Alredy logged in
+		if (isset($_SESSION['auth']) && $_SESSION['auth'] == 1) {
+			return true;
+		}
+		return false;
+	}
+	public function authPage()
+	{
+		if (!$this->isloggedIn()) {
+			$this->redirect('/login.php');
+		}
+	}
 }
--- a/.devilbox/www/include/lib/Html.php
+++ b/.devilbox/www/include/lib/Html.php
@ -183,6 +183,12 @@ HTML;
 	public function getNavbar()
 	{
 		$menu = $this->_buildMenu();
+		$logout = '';
+		if (loadClass('Helper')->isLoginProtected()) {
+			$logout =	'<ul class="navbar-nav">'.
+							'<li class="nav-item text-right"><a class="nav-link" href="/logout.php?id='.session_id().'">Log out</a></li>'.
+						'</ul>';
+		}

 		$html = <<<HTML
 			<nav class="navbar navbar-toggleable-md navbar-inverse bg-inverse">
@ -198,8 +204,11 @@ HTML;

 						{$menu}

+
 					</ul>
+					{$logout}
 				</div>
+
 			</nav>
 			<br/>
 HTML;
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -97,6 +97,12 @@ services:
      - TLD_SUFFIX=${TLD_SUFFIX:-loc}
      - DNS_CHECK_TIMEOUT=${DNS_CHECK_TIMEOUT:-1}

+      ##
+      ## Password protect the devilbox Intranet
+      ##
+      - DEVILBOX_UI_PROTECT=${DEVILBOX_UI_PROTECT:-0}
+      - DEVILBOX_UI_PASSWORD=${DEVILBOX_UI_PASSWORD}
+
      ##
      ## PHP Xdebug
      ##
--- a/30
+++ b/30
@ -102,6 +102,36 @@ NEW_GID=1000
 TIMEZONE=Europe/Berlin


+###
+### Devilbox UI Password protection enable/disable (1/0)
+###
+### Set DEVILBOX_UI_PROTECT to 1 in order to password protect the
+### intranet.
+###
+### Example:
+###   DEVILBOX_UI_PROTECT=1
+###   DEVILBOX_UI_PROTECT=0
+###
+DEVILBOX_UI_PROTECT=0
+
+
+###
+### Devilbox UI Password
+###
+### When DEVILBOX_UI_PROTECT=1, use the following password
+### to log in. The password can always be changed.
+### When changing the password, make sure to restart your
+### PHP container.
+###
+### Example:
+###   DEVILBOX_UI_PASSWORD=my-very-secure-password
+###   DEVILBOX_UI_PASSWORD=Some pass with spaces
+###
+### The default username is 'devilbox'
+###
+DEVILBOX_UI_PASSWORD=password
+
+

 ################################################################################
 ###