Updated authentication.
This commit is contained in:
parent
1536f3048d
commit
70a63db6d5
1 changed files with 29 additions and 34 deletions
|
|
@ -2,17 +2,9 @@
|
||||||
final class SockChatAuth {
|
final class SockChatAuth {
|
||||||
public static function attempt(string $endPoint, string $secret, string $cookie): object {
|
public static function attempt(string $endPoint, string $secret, string $cookie): object {
|
||||||
if(!empty($cookie)) {
|
if(!empty($cookie)) {
|
||||||
$decoded = str_pad(base64_decode(str_pad(strtr($cookie, '-_', '+/'), strlen($cookie) % 4, '=', STR_PAD_RIGHT)), 37, "\0");
|
$method = 'Misuzu';
|
||||||
$unpacked = unpack('Cversion/Nuser/H*token', $decoded);
|
$signature = sprintf('verify#%s#%s#%s', $method, $cookie, $_SERVER['REMOTE_ADDR']);
|
||||||
|
$signature = hash_hmac('sha256', $signature, $secret);
|
||||||
if(isset($unpacked['version']) && $unpacked['version'] === 1
|
|
||||||
&& isset($unpacked['user']) && $unpacked['user'] > 0) {
|
|
||||||
$loginRequest = [
|
|
||||||
'user_id' => $unpacked['user'],
|
|
||||||
'token' => 'SESS:' . $cookie,
|
|
||||||
'ip' => $_SERVER['REMOTE_ADDR'],
|
|
||||||
];
|
|
||||||
$loginSignature = hash_hmac('sha256', implode('#', $loginRequest), $secret);
|
|
||||||
|
|
||||||
$login = curl_init($endPoint);
|
$login = curl_init($endPoint);
|
||||||
curl_setopt_array($login, [
|
curl_setopt_array($login, [
|
||||||
|
|
@ -21,7 +13,11 @@ final class SockChatAuth {
|
||||||
CURLOPT_FOLLOWLOCATION => true,
|
CURLOPT_FOLLOWLOCATION => true,
|
||||||
CURLOPT_HEADER => false,
|
CURLOPT_HEADER => false,
|
||||||
CURLOPT_POST => true,
|
CURLOPT_POST => true,
|
||||||
CURLOPT_POSTFIELDS => json_encode($loginRequest),
|
CURLOPT_POSTFIELDS => http_build_query([
|
||||||
|
'method' => $method,
|
||||||
|
'token' => $cookie,
|
||||||
|
'ipaddr' => $_SERVER['REMOTE_ADDR'],
|
||||||
|
], '', '&', PHP_QUERY_RFC3986),
|
||||||
CURLOPT_RETURNTRANSFER => true,
|
CURLOPT_RETURNTRANSFER => true,
|
||||||
CURLOPT_TCP_FASTOPEN => true,
|
CURLOPT_TCP_FASTOPEN => true,
|
||||||
CURLOPT_CONNECTTIMEOUT => 2,
|
CURLOPT_CONNECTTIMEOUT => 2,
|
||||||
|
|
@ -30,14 +26,13 @@ final class SockChatAuth {
|
||||||
CURLOPT_TIMEOUT => 5,
|
CURLOPT_TIMEOUT => 5,
|
||||||
CURLOPT_USERAGENT => 'AJAX Chat',
|
CURLOPT_USERAGENT => 'AJAX Chat',
|
||||||
CURLOPT_HTTPHEADER => [
|
CURLOPT_HTTPHEADER => [
|
||||||
'Content-Type: application/json',
|
'Content-Type: application/x-www-form-urlencoded',
|
||||||
'X-SharpChat-Signature: ' . $loginSignature,
|
'X-SharpChat-Signature: ' . $signature,
|
||||||
],
|
],
|
||||||
]);
|
]);
|
||||||
$userInfo = json_decode(curl_exec($login));
|
$userInfo = json_decode(curl_exec($login));
|
||||||
curl_close($login);
|
curl_close($login);
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|
||||||
if(empty($userInfo->success)) {
|
if(empty($userInfo->success)) {
|
||||||
$userInfo = new stdClass;
|
$userInfo = new stdClass;
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue