xamxam/public/admin/account.php

<?php
require_once __DIR__ . "/../../config/bootstrap.php";
require_once __DIR__ . '/../../src/AdminAuth.php';
AdminAuth::requireLogin();

$pageTitle = "Compte administrateur";

$credentialsFile = APP_ROOT . '/config/admin_credentials.php';
$hasPassword     = defined('ADMIN_PASSWORD_HASH');

$success = $_SESSION['success'] ?? null;
$error   = $_SESSION['error']   ?? null;
unset($_SESSION['success'], $_SESSION['error']);

if (empty($_SESSION['csrf_token'])) {
    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
?>
<?php $isAdmin = true; $bodyClass = 'admin-body'; require_once APP_ROOT . '/templates/head.php'; ?>
    <?php include APP_ROOT . '/templates/header.php'; ?>

<main id="main-content">
    <h1>Compte administrateur</h1>

    <?php if ($error): ?>
    <p role="alert" data-type="error">⚠ <?= htmlspecialchars($error) ?></p>
    <?php endif; ?>
    <?php if ($success): ?>
    <p role="status" data-type="success">✓ <?= htmlspecialchars($success) ?></p>
    <?php endif; ?>

    <!-- Status info -->
    <div class="admin-account-status">
        <div class="admin-account-status__row">
            <span class="admin-account-status__label">Authentification PHP</span>
            <?php if ($hasPassword): ?>
                <span class="status-badge status-published">Active</span>
            <?php else: ?>
                <span class="status-badge status-pending">Non configurée</span>
            <?php endif; ?>
        </div>
        <div class="admin-account-status__row">
            <span class="admin-account-status__label">Fichier de configuration</span>
            <code class="admin-account-status__code">config/admin_credentials.php</code>
            <?php if (file_exists($credentialsFile)): ?>
                <span class="status-badge status-published">Présent</span>
            <?php else: ?>
                <span class="status-badge status-pending">Absent</span>
            <?php endif; ?>
        </div>
        <?php if (!$hasPassword): ?>
        <p class="admin-account-status__note">
            Aucun mot de passe PHP configuré. Le formulaire ci-dessous créera
            <code>config/admin_credentials.php</code> avec un hash bcrypt.
        </p>
        <?php endif; ?>
    </div>

    <!-- Password change form -->
    <h2 class="admin-section-title"><?= $hasPassword ? 'Changer le mot de passe' : 'Définir le mot de passe' ?></h2>

    <form method="post" action="/admin/actions/account.php" class="admin-form" autocomplete="off">
        <input type="hidden" name="csrf_token" value="<?= htmlspecialchars($_SESSION['csrf_token']) ?>">

        <?php if ($hasPassword): ?>
        <div>
            <label for="current_password">Mot de passe actuel</label>
            <div>
                <input type="password" id="current_password"
                       name="current_password" required autocomplete="current-password">
            </div>
        </div>
        <?php endif; ?>

        <div>
            <label for="new_password">Nouveau mot de passe</label>
            <div>
                <input type="password" id="new_password"
                       name="new_password" required autocomplete="new-password"
                       minlength="12">
                <small>Minimum 12 caractères.</small>
            </div>
        </div>

        <div>
            <label for="confirm_password">Confirmer le mot de passe</label>
            <div>
                <input type="password" id="confirm_password"
                       name="confirm_password" required autocomplete="new-password">
            </div>
        </div>

        <div class="admin-submit-wrap">
            <button type="submit" class="admin-btn">
                <?= $hasPassword ? 'Mettre à jour le mot de passe' : 'Définir le mot de passe' ?>
            </button>
        </div>
    </form>

    <?php if ($hasPassword): ?>
    <!-- Danger zone: remove password -->
    <h2 class="admin-section-title admin-section-title--danger">Zone de danger</h2>
    <div class="admin-danger-zone">
        <div class="admin-danger-zone__description">
            <strong>Supprimer la configuration du mot de passe PHP</strong><br>
            <small>
                Supprime <code>config/admin_credentials.php</code>. L'accès admin
                dépendra uniquement de l'authentification nginx Basic Auth si elle est configurée.
            </small>
        </div>
        <form method="post" action="/admin/actions/account.php"
              onsubmit="return confirm('Supprimer le fichier de mot de passe PHP ? L\'accès admin ne sera protégé que par nginx Basic Auth.')">
            <input type="hidden" name="csrf_token" value="<?= htmlspecialchars($_SESSION['csrf_token']) ?>">
            <input type="hidden" name="action" value="remove_credentials">
            <input type="hidden" name="current_password_remove" id="current_password_remove" value="">
            <button type="submit" class="admin-btn admin-btn--danger">Supprimer le fichier</button>
        </form>
    </div>
    <?php endif; ?>
</main>

<?php require_once APP_ROOT . '/templates/admin/footer.php'; ?>