From bd578ea677278c2679dc3b7b576000e967cd024f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mike=20Schw=C3=B6rer?= <mailport@mikescher.de>
Date: Sun, 21 Jan 2018 19:35:49 +0100
Subject: [PATCH] /logout/

---
 www/data/css/styles.css         |  9 +++++++++
 www/data/css/styles.min.css     |  4 +++-
 www/data/css/styles_header.scss | 13 +++++++++++++
 www/fragments/header.php        |  6 ++++--
 www/index.php                   | 12 +++---------
 www/internals/base.php          | 28 ++++++++++++++++++++++++++++
 www/pages/login.php             |  7 ++-----
 www/pages/logout.php            | 25 +++++++++++++++++++++++++
 8 files changed, 87 insertions(+), 17 deletions(-)
 create mode 100644 www/pages/logout.php

diff --git a/www/data/css/styles.css b/www/data/css/styles.css
index 1b9fed8..25ecc77 100644
--- a/www/data/css/styles.css
+++ b/www/data/css/styles.css
@@ -130,6 +130,7 @@ body {
     padding: 0;
     height: 42px; }
     #headerdiv .logowrapper .logo {
+      min-width: 197.5px;
       height: 30px;
       margin: 4px 0 8px 6px;
       flex: initial; }
@@ -166,6 +167,14 @@ body {
       #headerdiv .tabrow .tab_github:hover {
         background-color: #c9510c;
         color: black; }
+    #headerdiv .tabrow .tab_logout {
+      background-color: #A00;
+      border-left: 1px solid #111;
+      border-right: none;
+      color: black; }
+      #headerdiv .tabrow .tab_logout:hover {
+        background-color: #c9510c;
+        color: black; }
 
 @media (max-width: 850px) {
   #headerdiv {
diff --git a/www/data/css/styles.min.css b/www/data/css/styles.min.css
index 73f94ec..74d83ba 100644
--- a/www/data/css/styles.min.css
+++ b/www/data/css/styles.min.css
@@ -25,7 +25,7 @@ body{background-color:#EEE;color:#CCC;font-family:serif}
 .button:hover{background-color:#555}
 #headerdiv{z-index:999;background-color:#333;display:flex;border-bottom:1px solid #111;box-shadow:0 0 8px #000;position:fixed;width:100%}
 #headerdiv .logowrapper{flex:initial;margin:0;padding:0;height:42px}
-#headerdiv .logowrapper .logo{height:30px;margin:4px 0 8px 6px;flex:initial}
+#headerdiv .logowrapper .logo{min-width:197.5px;height:30px;margin:4px 0 8px 6px;flex:initial}
 #headerdiv .tabrow{display:flex;flex:auto}
 #headerdiv .tabrow .tab{display:flex;justify-content:center;align-items:center;background-color:#222;color:#CCC;border-left:1px solid #000;border-right:1px solid #000;font-weight:bold;text-decoration:none;margin:0 0 0 20px;padding:2px 5px;min-width:64px;text-align:center;flex:initial}
 #headerdiv .tabrow .tab:hover{cursor:pointer;background-color:#555}
@@ -33,6 +33,8 @@ body{background-color:#EEE;color:#CCC;font-family:serif}
 #headerdiv .tabrow .tab_split{flex:auto}
 #headerdiv .tabrow .tab_github{background-color:#4078c0;border-left:1px solid #111;border-right:0;color:black}
 #headerdiv .tabrow .tab_github:hover{background-color:#c9510c;color:black}
+#headerdiv .tabrow .tab_logout{background-color:#A00;border-left:1px solid #111;border-right:0;color:black}
+#headerdiv .tabrow .tab_logout:hover{background-color:#c9510c;color:black}
 @media(max-width:850px){
 	#headerdiv{position:static;flex-direction:column}
 	#headerdiv .logowrapper{display:flex;align-items:center;justify-content:center}
diff --git a/www/data/css/styles_header.scss b/www/data/css/styles_header.scss
index 39c74e0..0cf59e5 100644
--- a/www/data/css/styles_header.scss
+++ b/www/data/css/styles_header.scss
@@ -16,6 +16,7 @@
     height: 42px;
 
     .logo {
+      min-width: 197.5px; // prevents flickering after DOM load
       height: 30px;
       margin: 4px 0 8px 6px;
       flex: initial;
@@ -68,6 +69,18 @@
         color: black;
       }
     }
+
+    .tab_logout {
+      background-color: #A00;
+      border-left:  1px solid #111;
+      border-right: none;
+      color: black;
+
+      &:hover {
+        background-color: #c9510c;
+        color: black;
+      }
+    }
   }
 }
 
diff --git a/www/fragments/header.php b/www/fragments/header.php
index eac9d87..29f6b6a 100644
--- a/www/fragments/header.php
+++ b/www/fragments/header.php
@@ -7,10 +7,12 @@
 		<a class="tab <?php if ($HEADER_ACTIVE === 'home')     echo 'tab_active'; ?>" href="/">Home</a>
 		<a class="tab <?php if ($HEADER_ACTIVE === 'euler')    echo 'tab_active'; ?>" href="/blog/1/Project_Euler_with_Befunge">Project Euler</a>
 		<a class="tab <?php if ($HEADER_ACTIVE === 'blog')     echo 'tab_active'; ?>" href="/blog">Blog</a>
-		<a class="tab <?php if ($HEADER_ACTIVE === 'programs') echo 'tab_active'; ?>" href="/programs">Programs</a>
+        <a class="tab <?php if ($HEADER_ACTIVE === 'programs') echo 'tab_active'; ?>" href="/programs">Programs</a>
+        <?php if (isLoggedInByCookie()): ?><a class="tab tab_active" href="/admin">Admin</a><?php endif; ?>
 		<a class="tab <?php if ($HEADER_ACTIVE === 'about')    echo 'tab_active'; ?>" href="/about">About</a>
 		<div class="tab_split" ></div>
-		<a class="tab tab_github" href="https://github.com/Mikescher/">Github</a>
+		<?php if (isLoggedInByCookie()): ?><a class="tab tab_logout" href="/logout">{Logout}</a><?php endif; ?>
+        <a class="tab tab_github" href="https://github.com/Mikescher/">Github</a>
 	</div>
 
 </div>
\ No newline at end of file
diff --git a/www/index.php b/www/index.php
index f85257c..1fe2bbb 100644
--- a/www/index.php
+++ b/www/index.php
@@ -10,7 +10,8 @@ $URL_RULES =
 	[ 'url' => ['msmain', 'index'],                          'target' => 'pages/main.php',                   'options' => [],                                        ],
 	[ 'url' => ['about'],                                    'target' => 'pages/about.php',                  'options' => [],                                        ],
 	[ 'url' => ['msmain', 'about'],                          'target' => 'pages/about.php',                  'options' => [],                                        ],
-	[ 'url' => ['login'],                                    'target' => 'pages/login.php',                  'options' => [ 'login_target' => '/' ],                 ],
+	[ 'url' => ['login'],                                    'target' => 'pages/login.php',                  'options' => [ 'login_target'  => '/' ],                ],
+	[ 'url' => ['logout'],                                   'target' => 'pages/logout.php',                 'options' => [ 'logout_target' => '/' ],                ],
 
 	[ 'url' => ['programs'],                                 'target' => 'pages/programs_list.php',          'options' => [ 'categoryfilter' => '' ],                ],
 	[ 'url' => ['programs', 'index'],                        'target' => 'pages/programs_list.php',          'options' => [ 'categoryfilter' => '%GET%' ],           ],
@@ -143,14 +144,7 @@ try {
 
 		if (in_array('password', $opt))
 		{
-			$auth = hash('sha256', $CONFIG['admin_username'] . ';' . $CONFIG['admin_password']);
-
-			if (!key_exists('mikescher_auth', $_COOKIE))
-			{
-				$opt['login_target'] = $path;
-				$target = 'pages/login.php';
-			}
-			else if ($auth !== $_COOKIE['mikescher_auth'])
+			if (!isLoggedInByCookie())
 			{
 				$opt['login_target'] = $path;
 				$target = 'pages/login.php';
diff --git a/www/internals/base.php b/www/internals/base.php
index eab9f1d..97da76f 100644
--- a/www/internals/base.php
+++ b/www/internals/base.php
@@ -153,4 +153,32 @@ function convertLanguageToFlag($lang) {
 	if ($lang === 'spanish')     return '/data/images/flags/128-spain.svg';
 
 	return null;
+}
+
+function setLoginCookie($user, $pass)
+{
+	$expires = time() + (24*60*60); // 24h
+	$hash = hash('sha256', $user . ';' . $pass);
+	setcookie('mikescher_auth', $hash, $expires);
+}
+
+function isLoggedInByCookie()
+{
+	static $_loginCache = null;
+	if ($_loginCache !== null) return $_loginCache;
+
+	global $CONFIG;
+	if (key_exists('mikescher_auth', $_COOKIE))
+	{
+		if (strlen($_COOKIE['mikescher_auth']) !== 64) return $_loginCache = false;
+		$auth = hash('sha256', $CONFIG['admin_username'] . ';' . $CONFIG['admin_password']);
+		if ($auth === $_COOKIE['mikescher_auth']) return $_loginCache = true;
+	}
+
+	return $_loginCache = false;
+}
+
+function clearLoginCookie()
+{
+	setcookie("mikescher_auth", "", time()+30);
 }
\ No newline at end of file
diff --git a/www/pages/login.php b/www/pages/login.php
index 3c563f5..eb70127 100644
--- a/www/pages/login.php
+++ b/www/pages/login.php
@@ -9,11 +9,8 @@ $err = false;
 if (key_exists('username', $_GET) && key_exists('password', $_GET) && key_exists('redirect', $_GET))
 {
 	if ($_GET['username'] === $CONFIG['admin_username'] && $_GET['password'] === $CONFIG['admin_password'])
-	{
-		$expires = time() + (24*60*60); // 24h
-		$hash = hash('sha256', $_GET['username'] . ';' . $_GET['password']);
-		setcookie('mikescher_auth', $hash, $expires);
-
+    {
+	    setLoginCookie($_GET['username'], $_GET['password']);
 		header('Location: ' . $_GET['redirect']);
 		die();
 	}
diff --git a/www/pages/logout.php b/www/pages/logout.php
new file mode 100644
index 0000000..3eaeeda
--- /dev/null
+++ b/www/pages/logout.php
@@ -0,0 +1,25 @@
+<?php
+require_once (__DIR__ . '/../internals/base.php');
+global $OPTIONS;
+
+$redirect = $OPTIONS['logout_target'];
+
+clearLoginCookie();
+
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="utf-8">
+    <title>Mikescher.com - Logout</title>
+    <link rel="icon" type="image/png" href="/data/images/favicon.png"/>
+    <link rel="canonical" href="https://www.mikescher.com/logout"/>
+    <meta http-equiv="refresh" content="1; url=<?php echo $redirect; ?>" />
+</head>
+<body>
+You have been logged out
+<script>
+    setTimeout(function () { window.location.href = "<?php echo $redirect; ?>"; }, 1000);
+</script>
+</body>
+</html>