mirror of
https://codeberg.org/PostERG/xamxam.git
synced 2026-05-06 11:09:18 +02:00
8613f7111253da57c1c934237fdbbcb0bf688dde
- lib/AdminAuth.php: new class with requireLogin(), login(), logout(), isAuthenticated(); starts session with hardened cookie params (HttpOnly, SameSite=Strict, Secure, Path=/admin) — also resolves item #8 (session cookie hardening)
- requireLogin() auto-authenticates from nginx Basic Auth credentials ($_SERVER['PHP_AUTH_PW']) so the user only sees one browser prompt; falls back to /admin/login.php if the proxy is absent/misconfigured
- config/admin_credentials.php: gitignored credential store; define ADMIN_PASSWORD_HASH with a bcrypt hash to enable PHP auth
- config/admin_credentials.example.php: template for the above
- config/bootstrap.php: auto-loads admin_credentials.php if present
- .gitignore: exclude config/admin_credentials.php
- public/admin/login.php: fallback login form (shown only when nginx Basic Auth is bypassed / proxy absent)
- public/admin/logout.php: session destruction + redirect to login
- All 7 admin PHP files: replace session_start() with AdminAuth::requireLogin() (defence-in-depth behind nginx Basic Auth)
- public/admin/inc/head.php: Déconnexion button when ADMIN_PASSWORD_HASH is defined
- nginx/PHP_AUTH_LAYER.md: documents dual-auth architecture, UX flow, and setup instructions
- docs/TODO.SECURITY.md: items #2 and #8 moved to Resolved; priority order updated (all CRITICAL done)
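The session and authentication flow the commit message describes, as an added sketch covering requireLogin(), login() and isAuthenticated(); it is not the project's own lib/AdminAuth.php. The method names, ADMIN_PASSWORD_HASH, $_SERVER['PHP_AUTH_PW'] and /admin/login.php come from the commit message; the session key 'admin_ok' and the choice to refuse login when no hash is defined are assumptions.

```php
<?php
// Added sketch, not the project's lib/AdminAuth.php. Names come from the
// commit message; the session key 'admin_ok' and failing closed when no
// hash is configured are assumptions made for this example.
declare(strict_types=1);

final class AdminAuth
{
    private static function startSession(): void
    {
        if (session_status() === PHP_SESSION_ACTIVE) { return; }
        session_set_cookie_params([            // array form needs PHP >= 7.3
            'lifetime' => 0, 'path' => '/admin',
            'secure' => true, 'httponly' => true, 'samesite' => 'Strict',
        ]);
        session_start();
    }

    public static function isAuthenticated(): bool
    {
        self::startSession();
        return ($_SESSION['admin_ok'] ?? false) === true;
    }

    public static function login(string $password): bool
    {
        self::startSession();
        // password_verify() reads cost and salt from the bcrypt hash itself.
        if (!defined('ADMIN_PASSWORD_HASH') || !password_verify($password, ADMIN_PASSWORD_HASH)) {
            return false;
        }
        session_regenerate_id(true);           // fresh session ID once authenticated
        $_SESSION['admin_ok'] = true;
        return true;
    }

    public static function requireLogin(): void
    {
        if (self::isAuthenticated()) { return; }
        // Reuse the password nginx Basic Auth already collected, when forwarded.
        $pw = $_SERVER['PHP_AUTH_PW'] ?? null;
        if (is_string($pw) && self::login($pw)) { return; }
        header('Location: /admin/login.php');  // fallback form from the commit
        exit;
    }
}
```

Because the cookie is scoped to Path=/admin and marked Secure, the browser sends it only over HTTPS and only to admin URLs, so the public site never receives the admin session ID.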
PostERG - Monorepo
PostERG is a project of the ERG (École de Recherche Graphique) that lets students graduating from the Master's programme make their theses and final-year work available.
Project structure
This monorepo contains two applications:
- formulaire/ - Thesis submission form for students
- front-backend/ - Public website displaying the submitted theses
Prerequisites
- PHP 7.4 or later
- Composer (PHP dependency manager)
Installing Composer
curl -sS https://getcomposer.org/installer | php
or
php -r "readfile('https://getcomposer.org/installer');" | php
or install your distribution's composer package.
Installation
Each sub-project has its own dependencies. Install them separately:
cd formulaire && composer install
cd ../front-backend && composer install
Running locally
For each application, start a PHP server:
# For the form (port 3000)
cd formulaire && php -S 127.0.0.1:3000
# For the website (port 3001)
cd front-backend && php -S 127.0.0.1:3001
Documentation
Links