lkddi/nexusphp
1
0
Fork 0
mirror of https://github.com/lkddi/nexusphp.git synced 2026-04-14 12:30:49 +08:00
Code Issues Packages Projects Releases Wiki Activity

Challenge-Response Authentication

Browse Source
This commit is contained in:
xiaomlove
2025-04-05 15:38:40 +07:00
parent bd9b4d7e1d
commit 97dc956c20
28 changed files with 538 additions and 329 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
app/Providers/AuthServiceProvider.php
View File

@@ -53,8 +53,9 @@ class AuthServiceProvider extends ServiceProvider
*/
public function boot()
{
//some plugin use this guard
Auth::viaRequest('nexus-cookie', function (Request $request) {
return $this->getUserByCookie($request->cookie());
return get_user_from_cookie($request->cookie(), false);
});
Auth::extend('nexus-web', function ($app, $name, array $config) {
@@ -72,33 +73,4 @@ class AuthServiceProvider extends ServiceProvider
}
private function getUserByCookie($cookie)
{
if (empty($cookie["c_secure_pass"]) || empty($cookie["c_secure_uid"]) || empty($cookie["c_secure_login"])) {
return null;
}
$b_id = base64($cookie["c_secure_uid"],false);
$id = intval($b_id ?? 0);
if (!$id || !is_valid_id($id) || strlen($cookie["c_secure_pass"]) != 32) {
return null;
}
$user = User::query()->find($id);
if (!$user) {
return null;
}
if ($cookie["c_secure_login"] == base64("yeah")) {
/**
* Not IP related
* @since 1.8.0
*/
if ($cookie["c_secure_pass"] != md5($user->passhash)) {
return null;
}
} else {
if ($cookie["c_secure_pass"] !== md5($user->passhash)) {
return null;
}
}
return $user;
}
}