[ "method" => "POST", "header" => "Content-Type: application/x-www-form-urlencoded", "content" => http_build_query([ "code" => $code, "client_id" => $AuthConfig["google_client_id"], "client_secret" => $AuthConfig["google_client_secret"], "redirect_uri" => "https://$DOMAIN/_login.php?google_callback=1", "grant_type" => "authorization_code" ]) ] ])); $token_data = json_decode($token_response, true); if (!isset($token_data["access_token"])) { die("Error: No se pudo obtener el token de acceso de Google."); } $access_token = $token_data["access_token"]; // Obtener la información del usuario con el token de acceso $user_info_response = file_get_contents("https://www.googleapis.com/oauth2/v1/userinfo?alt=json&access_token=$access_token"); $user_info = json_decode($user_info_response, true); if (!isset($user_info["email"])) { die("Error: No se pudo obtener la información del usuario de Google."); } $email = $user_info["email"]; $name = $user_info["name"] ?? explode("@", $email)[0]; $userfile = "/DATA/Usuarios/" . strtolower(str_replace("@", "__", $email)) . ".json"; if (file_exists($userfile)) { $userdata = json_decode(file_get_contents($userfile), true); } else { $userdata = [ "display_name" => $name, "email" => $email, "permissions" => ["public"], "password_hash" => password_hash(bin2hex(random_bytes(16)), PASSWORD_DEFAULT), // Contraseña aleatoria, ya que no se usará "google_auth" => true, "#" => "Este usuario fue creado automáticamente al iniciar sesión con Google por primera vez.", ]; file_put_contents($userfile, json_encode($userdata)); } $_SESSION['auth_user'] = $email; $_SESSION['auth_data'] = $userdata; $_SESSION['auth_ok'] = true; setcookie("auth_user", $email, time() + (86400 * 30), "/"); setcookie("auth_pass_b64", base64_encode($password), time() + (86400 * 30), "/"); $redir = json_decode(base64_decode($_GET["state"]), true)["redir"] ?? 
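"/";
    // $redir was decoded from the OAuth "state" query parameter, which comes
    // back through the browser and is not trusted: keep the redirect on-site.
    $redir = login_safe_redirect_target($redir);
    header("Location: $redir");
    die();
}

/**
 * Reduce a request-supplied redirect target to a path on this site.
 *
 * Every "redir" value handled in this file originates from the query string
 * (directly, or wrapped in the OAuth state), so it must not be able to point
 * the Location header at another host. Only values that start with a single
 * "/" are accepted; "//host" and "/\host" are refused because browsers read
 * them as scheme-relative URLs, and control characters or backslashes are
 * refused anywhere in the value. Anything else falls back to "/".
 *
 * @param mixed $target Raw value taken from the request.
 * @return string A same-site path, or "/" when the value is not acceptable.
 */
function login_safe_redirect_target($target): string
{
    if (!is_string($target) || $target === "" || $target[0] !== "/") {
        return "/";
    }
    if (isset($target[1]) && $target[1] === "/") {
        return "/";
    }
    if (preg_match('/[\x00-\x1F\x7F\\\\]/', $target)) {
        return "/";
    }
    return $target;
}

// Start of "sign in with Google": send the browser to Google's consent page.
if (($_GET["google"] ?? "") === "1") {
    if (!isset($AuthConfig["google_client_id"]) || !isset($AuthConfig["google_client_secret"])) {
        die("Error: La autenticación de Google no está configurada.");
    }

    // NOTE(review): "state" only carries the post-login path. It contains no
    // unguessable value bound to this session, so the callback cannot tell
    // whether the response belongs to a flow this browser started. Consider
    // storing a random_bytes() nonce in $_SESSION, adding it to the state, and
    // comparing it with hash_equals() in the callback before the code exchange.
    $state = base64_encode(json_encode([
        "redir" => login_safe_redirect_target($_GET["redir"] ?? "/"),
    ]));

    // build the HTTP GET query
    $params = [
        "response_type" => "code",
        "client_id" => $AuthConfig["google_client_id"],
        "redirect_uri" => "https://$DOMAIN/_login.php?google_callback=1",
        "scope" => "email openid profile",
        "state" => $state,
    ];

    // forward the user to the login access page on the OAuth 2 server
    header("Location: " . "https://accounts.google.com/o/oauth2/auth" . '?' . http_build_query($params));
    die();
}

// Logout: expire both auth cookies, drop the session, then redirect.
if (($_GET["logout"] ?? "") === "1") {
    $redir = login_safe_redirect_target($_GET["redir"] ?? "/");
    setcookie("auth_user", "", time() - 3600, "/");
    setcookie("auth_pass_b64", "", time() - 3600, "/");
    session_destroy();
    header("Location: $redir");
    die();
}

// Drop the session only; the auth cookies are left in place.
if (($_GET["clear_session"] ?? "") === "1") {
    session_destroy();
    $redir = login_safe_redirect_target($_GET["redir"] ?? "/");
    header("Location: $redir");
    die();
}

// Password login posted from the form.
if (isset($_POST["user"])) {
    // Both fields must be plain strings; array-valued fields (user[]=...)
    // are treated as a failed login instead of reaching the string functions.
    $user = is_string($_POST["user"]) ? trim(strtolower($_POST["user"])) : "";
    $password = $_POST["password"] ?? "";

    // The user name becomes part of a file path. Path separators and control
    // characters are refused so the lookup cannot leave /DATA/Usuarios/.
    $user_ok = $user !== "" && !preg_match('#[/\\\\\x00-\x1F\x7F]#', $user);
    $userfile = "/DATA/Usuarios/$user.json";

    $userdata = null;
    if ($user_ok && is_string($password) && is_file($userfile)) {
        $userdata = json_decode(file_get_contents($userfile), true);
    }
    $hash = is_array($userdata) ? ($userdata["password_hash"] ?? null) : null;

    if (is_string($password) && is_string($hash) && password_verify($password, $hash)) {
        // Issue a fresh session id at the privilege change so an id known
        // before login is not carried into the authenticated session.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        $_SESSION['auth_user'] = $user;
        $_SESSION['auth_data'] = $userdata;
        $_SESSION['auth_ok'] = true;

        // NOTE(review): auth_pass_b64 keeps the user's password, only
        // base64-encoded, in a 30-day cookie set without the Secure or
        // HttpOnly flags. It is left unchanged here because other pages
        // presumably read it; it should be replaced by a random, server-side
        // revocable token, and both cookies should get Secure, HttpOnly and
        // SameSite attributes.
        setcookie("auth_user", $user, time() + (86400 * 30), "/");
        setcookie("auth_pass_b64", base64_encode($password), time() + (86400 * 30), "/");

        $redir = login_safe_redirect_target($_GET["redir"] ?? "/");
        header("Location: $redir");
        die();
    } else {
        // One message for every failure. The original flow set a separate
        // "user does not exist" text but always overwrote it with this one
        // before rendering; keeping a single message also avoids confirming
        // which accounts exist.
        $_GET["_result"] = "La contraseña no es correcta.";
    }
}

// First run: send the visitor to the installer until the marker file exists.
if (!file_exists("/DATA/SISTEMA_INSTALADO.txt")) {
    header("Location: /_install.php");
    die();
}

require_once "_incl/pre-body.php"; ?>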