feat: SQLite DB with migrations replaces all JSON file storage
- Add db.php with PDO singleton, migration runner, and all helper functions - Add migrations/001_initial_schema.sql (full schema) - Add migrations/002_import_json.php (one-time JSON → DB importer) - Add _incl/switch_tenant.php POST endpoint for tenant/centro switching - Update tools.auth.php: DB-backed login, cookie auth, session reload, init_active_centro() - Update all sysadmin pages (users, centros, aularios, invitations, reset_password) to use DB - Update aulatek/index.php, aulario.php, supercafe.php, supercafe_edit.php to use DB - Update aulatek/comedor.php and api/comedor.php to use DB - Update aulatek/paneldiario.php: aulario config + comedor data from DB - Update aulatek/proyectos.php: aulario config + sharing metadata from DB - Update club/cal.php, index.php, edit_data.php, upload/upload.php to use DB - Update account/index.php: rich profile, tenant list, aula list, session info, permissions - Update pre-body.php account dropdown: shows active org + inline tenant switcher - Update DATA_STRUCTURE.md to document DB approach and migration system Co-authored-by: naielv <109038805+naielv@users.noreply.github.com>
This commit is contained in:
copilot-swe-agent[bot]
@@ -1,8 +1,9 @@
|
||||
<?php
|
||||
require_once "_incl/tools.session.php";
|
||||
require_once "_incl/tools.security.php";
|
||||
require_once "_incl/db.php";
|
||||
if (!isset($AuthConfig)) {
|
||||
$AuthConfig = json_decode(file_get_contents("/DATA/AuthConfig.json"), true);
|
||||
$AuthConfig = db_get_all_config();
|
||||
}
|
||||
$DOMAIN = $_SERVER["HTTP_X_FORWARDED_HOST"] ?? $_SERVER["HTTP_HOST"];
|
||||
|
||||
@@ -21,13 +22,13 @@ function safe_redir($url) {
|
||||
}
|
||||
|
||||
if ($_GET["reload_user"] == "1") {
|
||||
$user_filename = safe_username_to_filename($_SESSION["auth_user"] ?? "");
|
||||
if ($user_filename === "") {
|
||||
$row = db_get_user($_SESSION["auth_user"] ?? "");
|
||||
if (!$row) {
|
||||
header("Location: /");
|
||||
die();
|
||||
}
|
||||
$userdata = json_decode(file_get_contents("/DATA/Usuarios/" . $user_filename . ".json"), true);
|
||||
$_SESSION['auth_data'] = $userdata;
|
||||
$_SESSION['auth_data'] = db_build_auth_data($row);
|
||||
init_active_centro($_SESSION['auth_data']);
|
||||
$redir = safe_redir($_GET["redir"] ?? "/");
|
||||
header("Location: $redir");
|
||||
die();
|
||||
@@ -83,34 +84,36 @@ if ($_GET["google_callback"] == "1") {
|
||||
}
|
||||
|
||||
$email = $user_info["email"];
|
||||
$name = $user_info["name"] ?? explode("@", $email)[0];
|
||||
$user_filename = safe_username_to_filename($email);
|
||||
if ($user_filename === "") {
|
||||
$name = $user_info["name"] ?? explode("@", $email)[0];
|
||||
$username = strtolower($email);
|
||||
if ($username === "") {
|
||||
die("Error: Dirección de correo inválida.");
|
||||
}
|
||||
$userfile = "/DATA/Usuarios/" . $user_filename . ".json";
|
||||
$password = bin2hex(random_bytes(16)); // Generar una contraseña aleatoria para el usuario, aunque no se usará para iniciar sesión
|
||||
if (file_exists($userfile)) {
|
||||
$userdata = json_decode(file_get_contents($userfile), true);
|
||||
$password = bin2hex(random_bytes(16));
|
||||
$existing = db_get_user($username);
|
||||
if ($existing) {
|
||||
$user_row = $existing;
|
||||
} else {
|
||||
$userdata = [
|
||||
"display_name" => $name,
|
||||
"email" => $email,
|
||||
"permissions" => ["public"],
|
||||
"password_hash" => password_hash($password, PASSWORD_DEFAULT),
|
||||
"google_auth" => true,
|
||||
"#" => "Este usuario fue creado automáticamente al iniciar sesión con Google por primera vez.",
|
||||
];
|
||||
file_put_contents($userfile, json_encode($userdata));
|
||||
db_upsert_user([
|
||||
'username' => $username,
|
||||
'display_name' => $name,
|
||||
'email' => $email,
|
||||
'permissions' => ['public'],
|
||||
'password_hash' => password_hash($password, PASSWORD_DEFAULT),
|
||||
'google_auth' => true,
|
||||
'#' => 'Este usuario fue creado automáticamente al iniciar sesión con Google por primera vez.',
|
||||
]);
|
||||
$user_row = db_get_user($username);
|
||||
}
|
||||
|
||||
|
||||
session_regenerate_id(true);
|
||||
$_SESSION['auth_user'] = $email;
|
||||
$_SESSION['auth_data'] = $userdata;
|
||||
$_SESSION['auth_ok'] = true;
|
||||
$_SESSION['auth_user'] = $username;
|
||||
$_SESSION['auth_data'] = db_build_auth_data($user_row);
|
||||
$_SESSION['auth_ok'] = true;
|
||||
init_active_centro($_SESSION['auth_data']);
|
||||
$cookie_options = ["expires" => time() + (86400 * 30), "path" => "/", "httponly" => true, "secure" => true, "samesite" => "Lax"];
|
||||
setcookie("auth_user", $email, $cookie_options);
|
||||
setcookie("auth_pass_b64", base64_encode($password), $cookie_options);
|
||||
setcookie("auth_user", $username, $cookie_options);
|
||||
setcookie("auth_pass_b64", base64_encode($password), $cookie_options);
|
||||
|
||||
$redir = safe_redir($state["redir"] ?? "/");
|
||||
|
||||
@@ -161,20 +164,19 @@ if ($_GET["clear_session"] == "1") {
|
||||
die();
|
||||
}
|
||||
if (isset($_POST["user"])) {
|
||||
$valid = "";
|
||||
$user = trim(strtolower($_POST["user"]));
|
||||
$user = trim(strtolower($_POST["user"]));
|
||||
$password = $_POST["password"];
|
||||
$user_filename = safe_username_to_filename($user);
|
||||
$userdata = ($user_filename !== "") ? json_decode(@file_get_contents("/DATA/Usuarios/" . $user_filename . ".json"), true) : null;
|
||||
if (!is_array($userdata) || !isset($userdata["password_hash"])) {
|
||||
$row = db_get_user($user);
|
||||
if (!$row || !isset($row["password_hash"])) {
|
||||
$_GET["_result"] = "El usuario no existe.";
|
||||
} elseif (password_verify($password, $userdata["password_hash"])) {
|
||||
} elseif (password_verify($password, $row["password_hash"])) {
|
||||
session_regenerate_id(true);
|
||||
$_SESSION['auth_user'] = $user;
|
||||
$_SESSION['auth_data'] = $userdata;
|
||||
$_SESSION['auth_ok'] = true;
|
||||
$_SESSION['auth_data'] = db_build_auth_data($row);
|
||||
$_SESSION['auth_ok'] = true;
|
||||
init_active_centro($_SESSION['auth_data']);
|
||||
$cookie_options = ["expires" => time() + (86400 * 30), "path" => "/", "httponly" => true, "secure" => true, "samesite" => "Lax"];
|
||||
setcookie("auth_user", $user, $cookie_options);
|
||||
setcookie("auth_user", $user, $cookie_options);
|
||||
setcookie("auth_pass_b64", base64_encode($password), $cookie_options);
|
||||
$redir = safe_redir($_GET["redir"] ?? "/");
|
||||
header("Location: $redir");
|
||||
@@ -182,9 +184,8 @@ if (isset($_POST["user"])) {
|
||||
} else {
|
||||
$_GET["_result"] = "La contraseña no es correcta.";
|
||||
}
|
||||
|
||||
}
|
||||
if (!file_exists("/DATA/SISTEMA_INSTALADO.txt")) {
|
||||
if (db_get_config('installed') !== '1') {
|
||||
header("Location: /_install.php");
|
||||
die();
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user