mirror of
https://codeberg.org/PostERG/xamxam.git
synced 2026-05-06 19:19:19 +02:00
61 lines
1.8 KiB
PHP
61 lines
1.8 KiB
PHP
<?php
|
|
require_once __DIR__ . '/../../config/bootstrap.php';
|
|
require_once __DIR__ . '/../../src/AdminAuth.php';
|
|
|
|
// If no password is configured, nothing to log into — go straight to admin.
|
|
if (!defined('ADMIN_PASSWORD_HASH')) {
|
|
header('Location: /admin/');
|
|
exit;
|
|
}
|
|
|
|
// Already authenticated — redirect to admin.
|
|
if (AdminAuth::isAuthenticated()) {
|
|
header('Location: /admin/');
|
|
exit;
|
|
}
|
|
|
|
$error = '';
|
|
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|
$password = $_POST['password'] ?? '';
|
|
if (AdminAuth::login($password)) {
|
|
header('Location: /admin/');
|
|
exit;
|
|
}
|
|
// Intentionally vague error — avoid user-enumeration.
|
|
$error = 'Mot de passe incorrect.';
|
|
}
|
|
|
|
$pageTitle = 'Connexion';
|
|
?>
|
|
<!DOCTYPE html>
|
|
<html lang="fr">
|
|
<head>
|
|
<meta charset="UTF-8">
|
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
<title><?php echo htmlspecialchars($pageTitle); ?> — Post-ERG Admin</title>
|
|
<link rel="stylesheet" href="/assets/modern-normalize.min.css">
|
|
<link rel="stylesheet" href="/assets/admin.css">
|
|
<link rel="shortcut icon" href="/assets/admin_favicon.svg" type="image/svg+xml">
|
|
</head>
|
|
<body>
|
|
<header>
|
|
<h1><?php echo htmlspecialchars($pageTitle); ?></h1>
|
|
</header>
|
|
<main>
|
|
<?php if ($error): ?>
|
|
<div class="alert-error">
|
|
<strong>⚠️ <?php echo htmlspecialchars($error); ?></strong>
|
|
</div>
|
|
<?php endif; ?>
|
|
<form method="post" action="/admin/login.php">
|
|
<fieldset>
|
|
<legend>Authentification admin</legend>
|
|
<label for="password">Mot de passe</label>
|
|
<input type="password" id="password" name="password" required autofocus>
|
|
<button type="submit">Se connecter</button>
|
|
</fieldset>
|
|
</form>
|
|
</main>
|
|
</body>
|
|
</html>
|