From a583351ac4f4fa60bebd4c199796c675da77522c Mon Sep 17 00:00:00 2001
From: Markus Birth
Date: Fri, 20 May 2016 19:06:02 +0200
Subject: [PATCH] Split templates for logged out and logged in state. Added Logout option. Added rewriting to allow cleaner URLs.
---
 .htaccess | 3 +++
 css/frs.css | 5 +++++
 index.php | 25 +++++++++++++++++++++++--
 templates/index_html.mustache | 4 ++--
 templates/loggedin_html.mustache | 23 +++++++++++++++++++++++
 templates/partials/mdl_head.mustache | 13 +++++++++++++
 6 files changed, 69 insertions(+), 4 deletions(-)
 create mode 100644 templates/loggedin_html.mustache
diff --git a/.htaccess b/.htaccess
index ba24195..d8b93ba 100644
--- a/.htaccess
+++ b/.htaccess
@@ -1,3 +1,6 @@
 Require all denied
+
+RewriteEngine on
+RewriteRule ^([^.]+)/?$ index.php?action=$1 [L,NC]
diff --git a/css/frs.css b/css/frs.css
index 19c6b8c..c81cc11 100644
--- a/css/frs.css
+++ b/css/frs.css
@@ -64,3 +64,8 @@
 display: block;
 background: url(../img/btn_google_signin_dark_focus_web.png);
 }
+
+.mdl-layout a {
+ color: inherit !important;
+ text-decoration: inherit !important;
+}
\ No newline at end of file
diff --git a/index.php b/index.php
index 3937e55..69f617b 100644
--- a/index.php
+++ b/index.php
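Review bot: In the added `RewriteRule`, the greedy `[^.]+` also consumes a trailing slash, so the optional `/?` never applies and `logout/` reaches index.php as `action=logout/`, which the `== 'logout'` comparison there will not match; `^([^./]+)/?$` keeps the capture to a single path segment. The rule also has no `QSA` flag, so a query string on a rewritten URL (for example an OAuth `code`, should the redirect URI ever use a clean path) is dropped. Because the pattern matches every dot-free path, including existing directories, consider guarding it with `RewriteCond %{REQUEST_FILENAME} !-d` and treating `action` as untrusted input in index.php.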
@@ -17,8 +17,22 @@ $client->addScope(Google_Service_Oauth2::USERINFO_EMAIL);
 session_start();
+if (isset($_GET['action']) && $_GET['action'] == 'logout') {
+ // Delete session and redirect to self
+ #$client->setAccessToken($_SESSION['access_token']);
+ #$client->revokeToken(); // removed granted permissions from account
+ $_SESSION = array();
+ if (ini_get('session.use_cookies')) {
+ $params = session_get_cookie_params();
+ setcookie(session_name(), '', time()-42000, $params['path'], $params['domain'], $params['secure'], $params['httponly']);
+ }
+ session_destroy();
+ header('Location: ' . $client->getRedirectUri());
+ exit(0);
+}
+
 if (isset($_GET['code']) && $_GET['code']) {
- // OAuth2 result
+ // Validate OAuth2 result, set access token and redirect to self
 $client->authenticate($_GET['code']);
 $_SESSION['access_token'] = $client->getAccessToken();
 header('Location: ' . $client->getRedirectUri());
@@ -33,12 +47,19 @@ if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {
 $oauth = new Google_Service_Oauth2($client);
 $userdata = $oauth->userinfo->get();
+ $data['user']['name_first'] = $userdata->givenName;
 $data['userdata'] = print_r($userdata, true);
+
+
+ // TODO: Check $userdata->verifiedEmail and deny if not verified.
+
+ $tpl = $m->loadTemplate('loggedin_html');
 } else {
 // Not authenticated
 $data['auth_needed'] = true;
 $data['auth_url'] = $client->createAuthUrl();
+ $tpl = $m->loadTemplate('index_html');
 }
-$tpl = $m->loadTemplate('index_html');
+$data['action'] = $_GET['action'];
 echo $tpl->render($data);
diff --git a/templates/index_html.mustache b/templates/index_html.mustache
index 2110c91..8f0db43 100644
--- a/templates/index_html.mustache
+++ b/templates/index_html.mustache
@@ -21,7 +21,7 @@ {{/ userdata}}
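Review bot: The session ID is never regenerated when `$_SESSION['access_token']` is stored in the `code` branch, so an identifier fixed before login remains valid afterwards; add `session_regenerate_id(true);` just before that assignment. The new logout branch is triggered by a plain GET (`action=logout`), so any cross-site request can end a user's session; a POST carrying a session-bound token would avoid that, and `===` is the safer comparison. The updated comment says the OAuth2 result is validated, but no check of the `authenticate()` result or of a `state` value is visible here; the `code` block continues past the end of the hunk, so this may be handled elsewhere.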
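Review bot: `$data['action'] = $_GET['action'];` reads the parameter unconditionally, so every request without `action` raises an undefined-index notice; use `$data['action'] = isset($_GET['action']) ? $_GET['action'] : '';`. The value is request-controlled and is echoed by the index template, so it depends on Mustache's escaped `{{action}}` form staying in place; matching it against a short allowlist of known actions before rendering would be more robust. The logged-in template is also loaded while the `verifiedEmail` check is still a TODO, and `print_r($userdata, true)` puts the whole profile object into the page, which looks like debug output that should be removed.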

- Hello, world! + Hello, world! ({{action}})

Hello, world! @@ -215,5 +215,5 @@ {{> mdl_content_foot}} {{> mdl_foot}} -View Source +View Source {{> html_foot}} diff --git a/templates/loggedin_html.mustache b/templates/loggedin_html.mustache new file mode 100644 index 0000000..5322f86 --- /dev/null +++ b/templates/loggedin_html.mustache @@ -0,0 +1,23 @@ +{{> html_head}} +{{> mdl_head}} +{{> mdl_content_head}} + +

+ Not Google > Not Google Now > Fake Reservation System +
+ +

What is this?

+ +{{# userdata}} +

+

{{userdata}}
+

+{{/ userdata}} + +

+ Welcome, to the Fake Reservation System. Where you can book travels you'll never attend. +

+ +{{> mdl_content_foot}} +{{> mdl_foot}} +{{> html_foot}} diff --git a/templates/partials/mdl_head.mustache b/templates/partials/mdl_head.mustache index 3a317d9..213e7e3 100644 --- a/templates/partials/mdl_head.mustache +++ b/templates/partials/mdl_head.mustache @@ -2,6 +2,19 @@
Fake Reservation System +
+ +