#PHP-Userhandler
This is a repo meant to deal with the vast majority of handling cases for user work:
- Creation
- Login
- Authentication after-the-fact
- Forgotten passwords
- One-Time Passwords
- Etc
- Move
api.php
to target API directory - Edit
api.php
as needed to fix paths - Edit
SAMPLE_CONFIG.php
to suit your configuration, and re-save asCONFIG.php
. - Upload this whole directory to your webserver.
- Where you need access to any login functions or scripts, include
path_to_dir/login.php
.- If you want to actually output the login screen, be sure to print the variable
$login_output
.
- If you want to actually output the login screen, be sure to print the variable
- Set
handlers/temp
as server-writeable.
Then you're set! I highly reccommend setting up Blackbox to secure your config file.
Libraries that may need minor tweaking to "play nice" have been included as subtrees, and those that should be used verbatim have been included as submodules.
- otphp is a subtree in the
totp/
directory. The relevant files are intotp/lib/OTPHP
. It is a fork from Spomky Labs frozen at the 2.0.x branch, before it was made abstract. Updating this WILL break things. - base32 is a subtree in the
base32/
directory. The relevant file isbase32/src/Base32/Base32.php
. The command to update this isgit subtree pull --prefix base32 base32 master --squash
- phpqrcode is a subtree in the
qr/
directory. The relevant file isqr/qrlib.php
. The command to update this isgit subtree pull --prefix qr qr master --squash
- twilio-php is a subtree in the
twilio/
directory. The relevant file istwilio/Services/Twilio.php
. The command to update this isgit subtree pull --prefix twilio twilio master --squash
- php-core is a subtree in the
core/
directory. The relevant file iscore/core.php
. The command to update this isgit subtree pull --prefix core core master --squash
. - zxcvbn is a subtree in the
js/zxcvbn
directory. The relevant file isjs/zxcvbn/zxcvbn.js
. The command to update this isgit subtree pull --prefix js/zxcvbn zxcvbn master --squash
.
The server is expected to have the basic number of columns and types listed in SAMPLE-CONFIG.php
. If you change any of the default mappings, be sure to update the variables.
This loads a number of libraries asynchronously in js/loadJQuery.js
. If you encounter issues, you may want to manually insert these libraries into your pages. In particular, it may have issues with pages that are served as XHTML.
The most likely reason for a misbehaving application is something else bound to the document onload handler. Anything you want to be handled on load insert into a function named lateJS()
, and it will be called by the script.
If you have functions that redraw the screen, and want to force a user to use two-factor authentication, there may be issues. Check for the variable window.totpParams.tfaLock
; it will be set as true
when a lock is needed, and you can wrap any redrawing functions in there.