lukas.uptmoor/webgis-lohne
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

new moderation portal with CRUD operations and map preview function, bugfixes, comments and improved textblocks #7

Merged
lukas.uptmoor merged 11 commits from dev/patrick into main 2026-04-23 08:41:29 +02:00
Conversation 0 Commits 11 Files Changed 7 +2 -15
1 changed files with 2 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 27d41c0847 - Show all commits

17
public/api/auth.php
View File

@@ -2,15 +2,10 @@
// ===================================================================== // =====================================================================
// Admin Authentication Helper // Admin Authentication Helper
// Provides simple Password-based Session Authentication for the // Provides simple Password-based Session Authentication for the
// Moderation Page. Uses ADMIN_PASSWORD from .env File. // Moderation Page. Reads Password from .env File.
// ToDo: Replace with full User Authentication in Phase 3-3. // ToDo: Replace with full User Authentication in Phase 3-3.
// ===================================================================== // =====================================================================
// Reads Admin Password from Environment
function get_admin_password() {
return getenv('ADMIN_PASSWORD');
}
// Checks if current Session is authenticated as Admin // Checks if current Session is authenticated as Admin
function is_admin() { function is_admin() {
return isset($_SESSION['is_admin']) && $_SESSION['is_admin'] === true; return isset($_SESSION['is_admin']) && $_SESSION['is_admin'] === true;
@@ -18,7 +13,7 @@ function is_admin() {
// Authenticates with Password, returns true on Success // Authenticates with Password, returns true on Success
function admin_login($password) { function admin_login($password) {
$correct = get_admin_password(); $correct = getenv('ADMIN_PASSWORD');
if ($correct && $password === $correct) { if ($correct && $password === $correct) {
$_SESSION['is_admin'] = true; $_SESSION['is_admin'] = true;
return true; return true;
@@ -31,11 +26,3 @@ function admin_logout() {
$_SESSION['is_admin'] = false; $_SESSION['is_admin'] = false;
session_destroy(); session_destroy();
} }
// Redirects to Login if not authenticated
function require_admin() {
if (!is_admin()) {
header('Location: admin.php?page=login');
exit;
}
}