Add support for custom auth

Author: RobiNN1

config.dist.php

@@ -37,6 +37,33 @@
     ],
     'timeformat' => 'd. m. Y H:i:s',
     'twigdebug'  => false,
+    // Auth function, this is an example with http auth, but you can add own logic
+    /*'auth'       => static function (): void {
+        $username = 'admin';
+        $password = 'pass';
+
+        if (
+            !isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) ||
+            $_SERVER['PHP_AUTH_USER'] !== $username || $_SERVER['PHP_AUTH_PW'] !== $password
+        ) {
+            Header('WWW-Authenticate: Basic realm="phpCacheAdmin Login"');
+            Header('HTTP/1.0 401 Unauthorized');
+
+            echo 'Incorrect username or password!';
+            exit;
+        }
+
+        if (isset($_GET['logout'])) {
+            $is_https = (
+                (isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] === 'on' || $_SERVER['HTTPS'] === 1)) ||
+                (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https')
+            );
+
+            $current_url = sprintf('http%s://reset:reset@%s', ($is_https ? 's' : ''), $_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
+
+            RobiNN\Pca\Http::redirect([], [], $current_url);
+        }
+    },*/
     // Decoding/Encoding functions
     'encoding'   => [
         'gzcompress' => [

index.php

@@ -11,6 +11,7 @@
 declare(strict_types=1);
 
 use RobiNN\Pca\Admin;
+use RobiNN\Pca\Config;
 use RobiNN\Pca\Http;
 use RobiNN\Pca\Template;
 
@@ -31,6 +32,13 @@
     });
 }
 
+$auth = false;
+
+if (is_callable(Config::get('auth'))) {
+    Config::get('auth')();
+    $auth = true;
+}
+
 $tpl = new Template();
 $admin = new Admin($tpl);
 
@@ -54,6 +62,7 @@
     echo $tpl->render('layout', [
         'site_title' => $info['title'],
         'nav'        => $nav,
+        'logout_url' => $auth ? Http::queryString([], ['logout' => 'yes']) : null,
         'version'    => Admin::VERSION,
         'back'       => isset($_GET['moreinfo']) || isset($_GET['view']) || isset($_GET['form']),
         'back_url'   => Http::queryString(['db', 's']),

src/Config.php

@@ -29,7 +29,7 @@ public static function get(?string $key = null) {
 
         self::getEnvConfig($config);
 
-        return $config[$key] ?? $config;
+        return $config[$key] ?? null;
     }
 
     /**

src/Http.php

@@ -26,11 +26,7 @@ public static function queryString(array $filter = [], array $additional = []):
         $filter = array_flip(array_merge($keep, $filter));
         $url = parse_url($_SERVER['REQUEST_URI']);
 
-        if (empty($url['query'])) {
-            return $url['path'];
-        }
-
-        parse_str($url['query'], $query);
+        parse_str($url['query'] ?? '', $query);
 
         $query = array_intersect_key($query, $filter);
         $query += $additional;
@@ -91,11 +87,12 @@ public static function post(string $key, string $type = 'string') {
      *
      * @param array<int|string, string> $filter
      * @param array<int|string, string> $additional
+     * @param ?string                   $url
      *
      * @return void
      */
-    public static function redirect(array $filter = [], array $additional = []): void {
-        $location = self::queryString($filter, $additional);
+    public static function redirect(array $filter = [], array $additional = [], ?string $url = null): void {
+        $location = $url ?? self::queryString($filter, $additional);
 
         if (!headers_sent()) {
             header('Location: '.$location, true);

templates/layout.twig

@@ -18,6 +18,11 @@
                 </a>
             {% endfor %}
             <footer class="text-center text-white my-4">
+
+                {% if logout_url %}
+                    <a class="block py-2 text-white hover:text-gray-200" href="{{ logout_url }}">Logout</a>
+                {% endif %}
+
                 <div class="font-light">
                     &copy; {{ 'now'|date('Y') }}
                     <a class="text-white hover:text-gray-200 font-semibold" href="https://github.com/RobiNN1/phpCacheAdmin" target="_blank" rel="noopener">