mirror of
https://github.com/mailcow/mailcow-dockerized.git
synced 2025-10-15 00:01:40 -04:00
76 lines
2.4 KiB
PHP
76 lines
2.4 KiB
PHP
<?php
|
|
// SSO Domain Admin
|
|
if (!empty($_GET['sso_token'])) {
|
|
$username = domain_admin_sso('check', $_GET['sso_token']);
|
|
|
|
if ($username !== false) {
|
|
session_regenerate_id(true);
|
|
$_SESSION['mailcow_cc_username'] = $username;
|
|
$_SESSION['mailcow_cc_role'] = 'domainadmin';
|
|
header('Location: /domainadmin/mailbox');
|
|
}
|
|
}
|
|
|
|
if (isset($_POST["verify_tfa_login"])) {
|
|
if (verify_tfa_login($_SESSION['pending_mailcow_cc_username'], $_POST)) {
|
|
if ($_SESSION['pending_mailcow_cc_role'] == "domainadmin") {
|
|
$_SESSION['mailcow_cc_username'] = $_SESSION['pending_mailcow_cc_username'];
|
|
$_SESSION['mailcow_cc_role'] = "domainadmin";
|
|
unset($_SESSION['pending_mailcow_cc_username']);
|
|
unset($_SESSION['pending_mailcow_cc_role']);
|
|
unset($_SESSION['pending_tfa_methods']);
|
|
|
|
header("Location: /domainadmin/mailbox");
|
|
die();
|
|
}
|
|
}
|
|
|
|
unset($_SESSION['pending_mailcow_cc_username']);
|
|
unset($_SESSION['pending_mailcow_cc_role']);
|
|
unset($_SESSION['pending_tfa_methods']);
|
|
}
|
|
if (isset($_POST["verify_fido2_login"])) {
|
|
$res = fido2(array(
|
|
"action" => "verify",
|
|
"token" => $_POST["token"],
|
|
"user" => "domainadmin"
|
|
));
|
|
if (is_array($res) && $res['role'] == "domainadmin" && !empty($res['username'])){
|
|
$_SESSION["mailcow_cc_username"] = $res['username'];
|
|
$_SESSION["mailcow_cc_role"] = $res['role'];
|
|
$_SESSION["fido2_cid"] = $res['cid'];
|
|
}
|
|
exit;
|
|
}
|
|
|
|
if (isset($_GET["cancel_tfa_login"])) {
|
|
unset($_SESSION['pending_pw_reset_token']);
|
|
unset($_SESSION['pending_pw_new_password']);
|
|
unset($_SESSION['pending_mailcow_cc_username']);
|
|
unset($_SESSION['pending_mailcow_cc_role']);
|
|
unset($_SESSION['pending_tfa_methods']);
|
|
|
|
header("Location: /domainadmin");
|
|
}
|
|
|
|
if (isset($_POST["login_user"]) && isset($_POST["pass_user"])) {
|
|
$login_user = strtolower(trim($_POST["login_user"]));
|
|
$as = check_login($login_user, $_POST["pass_user"], false, array("role" => "domain_admin"));
|
|
|
|
if ($as == "domainadmin") {
|
|
session_regenerate_id(true);
|
|
$_SESSION['mailcow_cc_username'] = $login_user;
|
|
$_SESSION['mailcow_cc_role'] = "domainadmin";
|
|
header("Location: /domainadmin/mailbox");
|
|
die();
|
|
}
|
|
elseif ($as != "pending") {
|
|
unset($_SESSION['pending_mailcow_cc_username']);
|
|
unset($_SESSION['pending_mailcow_cc_role']);
|
|
unset($_SESSION['pending_tfa_methods']);
|
|
unset($_SESSION['mailcow_cc_username']);
|
|
unset($_SESSION['mailcow_cc_role']);
|
|
}
|
|
}
|
|
?>
|