ThaMunsta/itflow
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Allow use of login key only for agents

Browse Source
This commit is contained in:
johnnyq
2025-12-14 13:16:54 -05:00
committed by Mike Johnston
parent c2020afb58
commit c6ef473edf
1 changed files with 11 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
login.php
View File

@@ -99,6 +99,10 @@ $config_mail_from_name = sanitizeInput($row['config_mail_from_name']);
$config_client_portal_enable = intval($row['config_client_portal_enable']); $config_client_portal_enable = intval($row['config_client_portal_enable']);
$config_login_remember_me_expire = intval($row['config_login_remember_me_expire']); $config_login_remember_me_expire = intval($row['config_login_remember_me_expire']);
// Login key (if setup)
$config_login_key_required = $row['config_login_key_required'];
$config_login_key_secret = $row['config_login_key_secret'];
// Azure / Entra for client // Azure / Entra for client
$azure_client_id = $row['config_azure_client_id'] ?? null; $azure_client_id = $row['config_azure_client_id'] ?? null;
@@ -224,6 +228,13 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && (isset($_POST['login']) || isset($_
// AGENT LOGIN FLOW // AGENT LOGIN FLOW
// ========================= // =========================
if ($selectedType === 1) { if ($selectedType === 1) {
// Login key verification
// If no/incorrect 'key' is supplied, send to client portal instead
if ($config_login_key_required) {
if (!isset($_GET['key']) || $_GET['key'] !== $config_login_key_secret) {
redirect("client");
}
}
$user_name = sanitizeInput($selectedRow['user_name']); $user_name = sanitizeInput($selectedRow['user_name']);
$token = sanitizeInput($selectedRow['user_token']); $token = sanitizeInput($selectedRow['user_token']);