OTP : configuration via kc_action, login redirige vers profil
- auth/otp_setup.php : déclenche CONFIGURE_TOTP via kc_action Keycloak - Tuile OTP pointe vers otp_setup.php (plus de lien externe vers la console) - Bouton Activer en btn-primary, Reconfigurer en btn-outline - login.php : redirige vers /profile.php si déjà connecté Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
parent
fcdd094e26
commit
f5f831dfb0
3 changed files with 28 additions and 5 deletions
|
|
@ -6,7 +6,7 @@ require_once __DIR__ . '/../inc/oidc.php';
|
|||
session_start_safe();
|
||||
|
||||
if (current_user()) {
|
||||
header('Location: /dashboard.php');
|
||||
header('Location: /profile.php');
|
||||
exit;
|
||||
}
|
||||
|
||||
|
|
|
|||
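--- a/web/auth/otp_setup.php
+++ b/web/auth/otp_setup.php
@@ -0,0 +1,25 @@
+<?php
+require_once __DIR__ . '/../inc/config.php';
+require_once __DIR__ . '/../inc/auth.php';
+
+session_start_safe();
+require_login();
+
+$state = bin2hex(random_bytes(16));
+$nonce = bin2hex(random_bytes(16));
+$_SESSION['oidc_state'] = $state;
+$_SESSION['oidc_nonce'] = $nonce;
+$_SESSION['next_url'] = '/profile.php';
+
+$url = ALPID_AUTH_URL . '?' . http_build_query([
+'client_id' => ALPID_CLIENT_ID,
+'response_type' => 'code',
+'scope' => 'openid profile email',
+'redirect_uri' => CALLBACK_URL,
+'state' => $state,
+'nonce' => $nonce,
+'kc_action' => 'CONFIGURE_TOTP',
+]);
+
+header('Location: ' . $url);
+exit;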
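Review bot: The authorization request built in `$url` reuses whatever SSO session already exists, so enrolling or replacing the second factor can be started from any logged-in browser without a fresh credential check, unless the realm enforces one, which is not visible here. Consider adding `'prompt' => 'login',` (or a short `'max_age'`) next to `'kc_action' => 'CONFIGURE_TOTP',` so the identity provider re-authenticates the user before showing the TOTP screen. The callback behind `CALLBACK_URL` is outside this commit; it should read the `kc_action_status` parameter Keycloak returns and not treat a cancelled or failed action as a completed setup. Since a plain GET to this script overwrites `$_SESSION['oidc_state']`, `$_SESSION['oidc_nonce']` and `$_SESSION['next_url']`, a short header comment such as `// Restarts the OIDC flow with kc_action=CONFIGURE_TOTP; replaces any pending state/nonce in the session.` would make that side effect explicit.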
|
|
@ -129,7 +129,6 @@ $gps = ($membership && is_file($gps_file))
|
|||
: null;
|
||||
|
||||
$otp = kc_get_otp_credential($user['sub']);
|
||||
$otp_setup_url = ALPID_BASE . '/realms/' . ALPID_REALM . '/account/#/security/signingin';
|
||||
|
||||
$is_adherent = $user['is_adherent']
|
||||
|| ($membership && $membership['status']===1 && $membership['date_fin_ts']>time());
|
||||
|
|
@ -350,8 +349,7 @@ require __DIR__ . '/views/layout.php';
|
|||
<?= $otp ? 'Activée' : 'Désactivée' ?>
|
||||
</div>
|
||||
</div>
|
||||
<a href="<?= htmlspecialchars($otp_setup_url) ?>" target="_blank" rel="noopener"
|
||||
class="btn-outline btn-sm tile-action">
|
||||
<a href="/auth/otp_setup.php" class="btn-<?= $otp ? 'outline' : 'primary' ?> btn-sm tile-action">
|
||||
<?= $otp ? 'Reconfigurer' : 'Activer' ?>
|
||||
</a>
|
||||
</div>
|
||||
|
|
|
|||