| 12 |
rodolico |
1 |
<?php
|
|
|
2 |
|
|
|
3 |
/**
|
|
|
4 |
Copyright (c) 2025, Daily Data, Inc.
|
|
|
5 |
|
|
|
6 |
Redistribution and use in source and binary forms, with or without modification,
|
|
|
7 |
are permitted provided that the following conditions are met:
|
|
|
8 |
|
|
|
9 |
Redistributions of source code must retain the above copyright notice, this
|
|
|
10 |
list of conditions and the following disclaimer.
|
|
|
11 |
Redistributions in binary form must reproduce the above copyright notice,
|
|
|
12 |
this list of conditions and the following disclaimer in the documentation
|
|
|
13 |
and/or other materials provided with the distribution.
|
|
|
14 |
|
|
|
15 |
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
|
|
16 |
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
|
|
17 |
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
|
|
18 |
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
|
|
|
19 |
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
|
|
|
20 |
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
|
21 |
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
|
|
|
22 |
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
|
|
|
23 |
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
|
|
|
24 |
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
|
25 |
|
|
|
26 |
PHP script which reads tab delimited file users.csv (defined in $csvFile). Users
|
|
|
27 |
are presented with a username and password box and a router selector.
|
|
|
28 |
When processed, will read data file and determine if the credentials match any line
|
|
|
29 |
and, if so, display a QR Code suitable for scanning with one time password program.
|
|
|
30 |
|
|
|
31 |
Assumes csv file and qr image created by processOPNSense.pl.
|
|
|
32 |
|
|
|
33 |
Version 1.0.0 RWR 2025-09-21
|
|
|
34 |
Initial Release
|
| 13 |
rodolico |
35 |
Version 1.1.0 RWR 2025-09-27
|
|
|
36 |
Added capability of downloading VPN configuration file
|
| 12 |
rodolico |
37 |
|
|
|
38 |
*/
|
|
|
39 |
|
|
|
40 |
// Define the path to the CSV file
|
|
|
41 |
$csvFile = 'users.csv';
|
| 13 |
rodolico |
42 |
// Define the path to the .ovpn files, if applicable
|
|
|
43 |
$ovpnDir = 'ovpn_files/';
|
|
|
44 |
$ovpnRegex = 'mcnoc_([a-z0-9]+)\.ovpn';
|
|
|
45 |
$ovpnFileName = '';
|
| 12 |
rodolico |
46 |
// name of image file
|
|
|
47 |
$imageFileName = '';
|
|
|
48 |
// topt code
|
|
|
49 |
$code = '';
|
| 13 |
rodolico |
50 |
|
|
|
51 |
|
| 12 |
rodolico |
52 |
function csvToArray( $csvFile, $delimiter = "\t" ) {
|
|
|
53 |
// Initialize an array to hold the data
|
|
|
54 |
$dataArray = [];
|
|
|
55 |
|
|
|
56 |
// Open the CSV file for reading
|
|
|
57 |
if (($handle = fopen($csvFile, 'r')) !== FALSE) {
|
|
|
58 |
// Get the headers from the first row
|
|
|
59 |
$headers = fgetcsv($handle, 1000, $delimiter);
|
|
|
60 |
|
|
|
61 |
// Loop through each row in the CSV
|
|
|
62 |
while (($data = fgetcsv($handle, 1000, $delimiter)) !== FALSE) {
|
|
|
63 |
// Combine headers with data to create an associative array
|
|
|
64 |
$rowData = array_combine($headers, $data);
|
|
|
65 |
// Add the associative array to the main data array
|
|
|
66 |
$dataArray[] = $rowData;
|
|
|
67 |
}
|
|
|
68 |
fclose($handle);
|
|
|
69 |
} else {
|
|
|
70 |
echo "Could not open the CSV file for reading.";
|
|
|
71 |
}
|
|
|
72 |
return $dataArray;
|
| 13 |
rodolico |
73 |
} // csvToArray
|
| 12 |
rodolico |
74 |
|
| 13 |
rodolico |
75 |
|
|
|
76 |
function ovpnFile ( $path, $username, $ovpnRegex ) {
|
|
|
77 |
if ( $files = scandir( $path ) ) {
|
|
|
78 |
foreach ($files as $key => $value ) {
|
|
|
79 |
if ( preg_match( "/$ovpnRegex/", $value, $matches ) ) {
|
|
|
80 |
if ( $matches[1] == $username ) {
|
|
|
81 |
return $path . $matches[0];
|
|
|
82 |
}
|
|
|
83 |
}
|
|
|
84 |
}
|
|
|
85 |
} else {
|
|
|
86 |
die( "Error trying to scan directory $path\n" );
|
|
|
87 |
}
|
|
|
88 |
return '';
|
|
|
89 |
} // ovpnFile
|
|
|
90 |
|
| 12 |
rodolico |
91 |
// Check if the form is submitted
|
|
|
92 |
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
|
|
93 |
// Get the username and password from the form
|
|
|
94 |
$username = $_POST['username'];
|
|
|
95 |
$password = $_POST['password'];
|
|
|
96 |
$router = $_POST['router'];
|
|
|
97 |
|
|
|
98 |
$users = csvToArray( $csvFile, "\t" );
|
|
|
99 |
if ( $users ) {
|
|
|
100 |
$isValidUser = false;
|
|
|
101 |
foreach ( $users as $key => $data ) {
|
|
|
102 |
if ( $data['name'] === $username && $data['router'] === $router ) {
|
|
|
103 |
if ( password_verify( $password, $data['password'] ) ) {
|
|
|
104 |
$code = $data['otp'];
|
|
|
105 |
$imageFileName = $data['filename'];
|
|
|
106 |
$isValidUser = true;
|
| 13 |
rodolico |
107 |
$ovpnFileName = ovpnFile( $ovpnDir, $data['name'], $ovpnRegex );
|
|
|
108 |
$log = date("Y-m-d H:i:s") . "\t" . $_SERVER['REMOTE_ADDR'] . "\t" .
|
|
|
109 |
"Success\t" . $username."\t" .PHP_EOL;
|
|
|
110 |
file_put_contents( './log_'.date("j.n.Y").'.log', $log, FILE_APPEND );
|
| 12 |
rodolico |
111 |
}
|
|
|
112 |
break;
|
|
|
113 |
}
|
|
|
114 |
}
|
|
|
115 |
if ( ! $isValidUser )
|
|
|
116 |
echo "<h1>Password wrong, or invalid user $username for router $router</h1>";
|
|
|
117 |
} else {
|
|
|
118 |
echo '<h1>Could not open the CSV file.</h1>';
|
|
|
119 |
}
|
|
|
120 |
}
|
| 13 |
rodolico |
121 |
|
| 12 |
rodolico |
122 |
?>
|
|
|
123 |
|
|
|
124 |
<!DOCTYPE html>
|
|
|
125 |
<html lang="en">
|
|
|
126 |
<head>
|
|
|
127 |
<meta charset="UTF-8">
|
|
|
128 |
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
|
129 |
<title>Get QR Code</title>
|
|
|
130 |
</head>
|
|
|
131 |
<body>
|
|
|
132 |
<?php
|
|
|
133 |
if ( ! empty( $imageFileName ) && ! empty( $code ) ) {
|
|
|
134 |
echo "<div style='text-align: center;'>";
|
|
|
135 |
echo "<img src='$imageFileName' alt='$code'>";
|
|
|
136 |
echo "<br />Your code for $router is<br /><b>$code</b>";
|
| 13 |
rodolico |
137 |
if ( !empty( $ovpnFileName ) ) {
|
|
|
138 |
echo "<br /><a href='$ovpnFileName' download>Download your OpenVPN Config File</a>";
|
|
|
139 |
}
|
| 12 |
rodolico |
140 |
echo '</div>';
|
|
|
141 |
}
|
|
|
142 |
?>
|
| 13 |
rodolico |
143 |
<p>This page is updated hourly. If change your password, it will not be reflected here for an hour</p>
|
| 12 |
rodolico |
144 |
<form method="POST" action="">
|
|
|
145 |
<label for="username">Username:</label>
|
|
|
146 |
<input type="text" id="username" name="username" required>
|
|
|
147 |
<br>
|
|
|
148 |
<label for="password">Password:</label>
|
|
|
149 |
<input type="password" id="password" name="password" required>
|
|
|
150 |
<br>
|
|
|
151 |
<label for="router">Router:</label>
|
|
|
152 |
<select name="router" id="router">
|
|
|
153 |
<?php
|
|
|
154 |
// gets a list of all routers listed in $csvFile into array $routers
|
|
|
155 |
exec( "tail -n+2 $csvFile | cut -f1 | sort | uniq | sort", $routers );
|
|
|
156 |
#die( "<pre>" . print_r( $routers, true) . "</pre>" );
|
|
|
157 |
foreach ( $routers as $index => $name ) {
|
|
|
158 |
print "<option value='$name'>$name</option>\n";
|
|
|
159 |
}
|
|
|
160 |
?>
|
|
|
161 |
</select>
|
|
|
162 |
<br>
|
|
|
163 |
<input type="submit" value="Login">
|
|
|
164 |
</form>
|
|
|
165 |
</body>
|
|
|
166 |
</html>
|