27 lines
1002 B
PHP
27 lines
1002 B
PHP
<?php
|
|
if (empty($_REQUEST['user']) || empty($_REQUEST['pw']))
|
|
die('0');
|
|
|
|
function authenticate($user, $pass){
|
|
// run shell command to output shadow file, and extract line for $user
|
|
// then spit the shadow line by $ or : to get component parts
|
|
// store in $shad as array
|
|
$shad = preg_split("/[$:]/",`cat /etc/shadow | grep "^$user\:"`);
|
|
// use mkpasswd command to generate shadow line passing $pass and $shad[3] (salt)
|
|
// split the result into component parts
|
|
$mkps = preg_split("/[$:]/",trim(`mkpasswd -m sha-512 $pass $shad[3]`));
|
|
// compare the shadow file hashed password with generated hashed password and return
|
|
return ($shad[4] == $mkps[3]);
|
|
}
|
|
|
|
if (isset($_REQUEST["json"])) {
|
|
$auth = authenticate($_REQUEST['user'], $_REQUEST['pw']);
|
|
echo json_encode([
|
|
"authenticated" => $auth,
|
|
"sudoer" => $auth && in_array($_REQUEST["user"], posix_getgrnam("sudo")["members"])
|
|
]);
|
|
} else { // v1 api
|
|
echo authenticate($_REQUEST['user'], $_REQUEST['pw']) ? '1' : '0';
|
|
}
|
|
|