Files
jarvis/public_html/index.php
T

40 lines
1.3 KiB
PHP

<?php
ini_set('session.cache_limiter', '');
header('Cache-Control: no-store, no-cache, must-revalidate, no-transform');
session_start();
if (empty($_SESSION['jarvis_token'])) {
header('Location: /login.php');
exit;
}
$token = $_SESSION['jarvis_token'];
$name = $_SESSION['jarvis_name'] ?? '';
$html = file_get_contents(__DIR__ . '/index.html');
// 1. Inject token as JS globals — no sessionStorage dependency
$inject = '<script data-cfasync="false">'
. 'var __jarvisToken=' . json_encode($token) . ';'
. 'var __jarvisUser=' . json_encode($name) . ';'
. 'var sessionToken=' . json_encode($token) . ';'
. 'var sessionUser=' . json_encode($name) . ';'
. 'try{sessionStorage.setItem("jarvis_token",__jarvisToken);'
. 'sessionStorage.setItem("jarvis_user",__jarvisUser);}catch(e){}'
. '</script>';
$html = str_replace('<head>', '<head>' . $inject, $html);
// 2. Force login screen HIDDEN and app VISIBLE at the HTML level
// so even if JS fails the user sees the dashboard, not the login form
$html = str_replace(
'<div id="loginScreen">',
'<div id="loginScreen" style="display:none!important">',
$html
);
$html = str_replace(
'<div id="app">',
'<div id="app" style="display:flex!important;flex-direction:column">',
$html
);
echo $html;