2d8d1c7409
Five MVP tools (Ask, Search, Summarize, Timeline, Redact) with email+password auth, Azure OpenAI gateway, evidence trail panel, and process-and-forget privacy default. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
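<?php

declare(strict_types=1);

/*
 * Login endpoint: checks a JSON email/password pair against the single
 * configured account and, on success, marks the PHP session as authenticated.
 *
 * Every rejection below goes through dbnToolsError(), which is defined in the
 * bootstrap and not shown here.
 * NOTE(review): this script assumes dbnToolsError() ends the request. Confirm
 * that, because a version that returned would let a rejected request fall
 * through to the session grant at the bottom.
 * NOTE(review): no attempt throttling or lockout is visible in this file;
 * confirm the bootstrap or the fronting proxy limits repeated failures.
 */

require_once __DIR__ . '/../includes/bootstrap.php';

dbnToolsRequireMethod('POST');

// 2048 is handed to the JSON reader; presumably a request-body size cap (confirm in bootstrap).
$input = dbnToolsJsonInput(2048);

// Only scalar JSON values are accepted as credentials. A nested array would
// otherwise be cast to the literal string "Array" (with a PHP warning) and
// compared as if it were a real credential; it is treated as missing instead.
$rawEmail = $input['email'] ?? '';
$rawPassword = $input['password'] ?? '';

// The email is normalised (trimmed, lower-cased) before comparison.
$email = is_scalar($rawEmail) ? strtolower(trim((string) $rawEmail)) : '';
// The password is deliberately left untouched: no trimming, no case folding.
$password = is_scalar($rawPassword) ? (string) $rawPassword : '';

if ($email === '') {
    dbnToolsError('Email is required.', 422, 'missing_email');
}

if ($password === '') {
    dbnToolsError('Password is required.', 422, 'missing_password');
}

$configuredEmail = dbnToolsAuthEmail();
$hash = dbnToolsAuthPasswordHash();

// Fail closed with 503 when either configured credential is absent or blank.
if ($configuredEmail === null || trim($configuredEmail) === '' || $hash === null || trim($hash) === '') {
    dbnToolsError('Authentication credentials are not configured.', 503, 'auth_not_configured');
}

// The blank check above trims the hash, so verify against the trimmed value
// too: surrounding whitespace (e.g. a trailing newline from a config file) is
// not part of any valid hash and would make every login attempt fail.
$hash = trim($hash);

// Both comparisons always run before either result is inspected, so a wrong
// email still pays the cost of password_verify() and the single 401 below does
// not reveal which field was wrong. hash_equals() keeps the email comparison
// itself constant-time.
$emailMatch = hash_equals(strtolower(trim($configuredEmail)), $email);
$passwordMatch = password_verify($password, $hash);

if (!$emailMatch || !$passwordMatch) {
    dbnToolsError('Email or password was not accepted.', 401, 'invalid_credentials');
}

// Issue a fresh session id and delete the old session before granting access,
// so an id that was known before login never becomes an authenticated one
// (session fixation). If regeneration fails, refuse to authenticate rather
// than elevate the existing id.
if (!session_regenerate_id(true)) {
    dbnToolsError('Session could not be established.', 500, 'session_unavailable');
}

$_SESSION['dbn_tools_authenticated'] = true;
$_SESSION['dbn_tools_authenticated_at'] = time();
// An anonymous id already present in the session is kept across login; a new
// 128-bit random one is generated only when none exists.
$_SESSION['dbn_tools_anon_id'] = $_SESSION['dbn_tools_anon_id'] ?? bin2hex(random_bytes(16));

dbnToolsRespond([
    'ok' => true,
    'authenticated' => true,
    // Presumably returns the anonymous id stored above; verify in bootstrap.
    'session' => dbnToolsAnonymousSessionId(),
]);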