41 lines
1.1 KiB
PHP
41 lines
1.1 KiB
PHP
<?php
|
|
// =====================================================================
|
|
// Admin Authentication Helper
|
|
// Provides simple Password-based Session Authentication for the
|
|
// Moderation Page. Uses ADMIN_PASSWORD from .env File.
|
|
// ToDo: Replace with full User Authentication in Phase 3-3.
|
|
// =====================================================================
|
|
|
|
// Reads Admin Password from Environment
|
|
function get_admin_password() {
|
|
return getenv('ADMIN_PASSWORD');
|
|
}
|
|
|
|
// Checks if current Session is authenticated as Admin
|
|
function is_admin() {
|
|
return isset($_SESSION['is_admin']) && $_SESSION['is_admin'] === true;
|
|
}
|
|
|
|
// Authenticates with Password, returns true on Success
|
|
function admin_login($password) {
|
|
$correct = get_admin_password();
|
|
if ($correct && $password === $correct) {
|
|
$_SESSION['is_admin'] = true;
|
|
return true;
|
|
}
|
|
return false;
|
|
}
|
|
|
|
// Logs out Admin Session
|
|
function admin_logout() {
|
|
$_SESSION['is_admin'] = false;
|
|
session_destroy();
|
|
}
|
|
|
|
// Redirects to Login if not authenticated
|
|
function require_admin() {
|
|
if (!is_admin()) {
|
|
header('Location: admin.php?page=login');
|
|
exit;
|
|
}
|
|
} |