mirror of
https://github.com/myronblair/novacpx
synced 2026-06-30 17:50:41 -05:00
716d292e77
Each panel now has its own dedicated port and is fully self-contained: - Port 8880: User panel (end-user hosting dashboard) - Port 8881: Reseller panel (account/package management) - Port 8882: Admin panel (datacenter/server manager) Changes: - install.sh: PORT_USER/PORT_RESELLER/PORT_ADMIN constants; three separate nginx/Apache vhosts; UFW opens all three ports; Fail2Ban jail per port; credentials file shows all three URLs - config.ini: stores port_user/port_reseller/port_admin - Core.php: defines PORT_USER/RESELLER/ADMIN, detects CURRENT_PORTAL from SERVER_PORT so the API knows which tier is being accessed - Auth.php: portalUrl() maps role → correct port for cross-portal redirects - auth.php endpoint: returns portal_url on login so JS redirects to right port - index.php login: uses portal_url from API response (no hardcoded paths) - admin/index.php: inline login form (port 8882 is self-contained, no redirect) - user/index.php: inline login form (port 8880 self-contained) - reseller/index.php: new full reseller panel with inline login (port 8881); sidebar with accounts, packages, DNS, branding, bandwidth report sections Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
46 lines
1.6 KiB
PHP
46 lines
1.6 KiB
PHP
<?php
|
|
$method = $_SERVER['REQUEST_METHOD'];
|
|
$body = json_decode(file_get_contents('php://input'), true) ?? [];
|
|
|
|
match ($action) {
|
|
'login' => (function() use ($body) {
|
|
$username = trim($body['username'] ?? '');
|
|
$password = $body['password'] ?? '';
|
|
if (!$username || !$password) Response::error('Username and password required');
|
|
$auth = Auth::getInstance();
|
|
$token = $auth->attempt($username, $password);
|
|
if (!$token) Response::error('Invalid credentials', 401);
|
|
$user = $auth->user();
|
|
audit('login', 'auth');
|
|
Response::success([
|
|
'token' => $token,
|
|
'portal_url' => Auth::portalUrl($user['role']),
|
|
'user' => [
|
|
'id' => $user['id'],
|
|
'username' => $user['username'],
|
|
'email' => $user['email'],
|
|
'role' => $user['role'],
|
|
'theme' => $user['theme'],
|
|
],
|
|
], 'Login successful');
|
|
})(),
|
|
|
|
'logout' => (function() {
|
|
Auth::getInstance()->logout();
|
|
audit('logout', 'auth');
|
|
Response::success(null, 'Logged out');
|
|
})(),
|
|
|
|
'me' => (function() use ($currentUser) {
|
|
Response::success([
|
|
'id' => $currentUser['uid'],
|
|
'username' => $currentUser['username'],
|
|
'email' => $currentUser['email'],
|
|
'role' => $currentUser['role'],
|
|
'theme' => $currentUser['theme'],
|
|
]);
|
|
})(),
|
|
|
|
default => Response::error('Unknown auth action', 404),
|
|
};
|