70 lines
2.5 KiB
PHP
70 lines
2.5 KiB
PHP
<?php
|
|
|
|
if (processForm(false)) {
|
|
checkPasswordFormat($_POST['password']);
|
|
|
|
checkUsernameFormat($_POST['username']);
|
|
|
|
$username = hashUsername($_POST['username']);
|
|
|
|
if (usernameExists($username) !== false)
|
|
output(403, 'Ce nom de compte est déjà utilisé.');
|
|
|
|
rateLimit();
|
|
|
|
$id = hash('sha256', random_bytes(32));
|
|
|
|
insert('users', [
|
|
'id' => $id,
|
|
'username' => $username,
|
|
'password' => hashPassword($_POST['password']),
|
|
'registration_date' => date('Y-m-d H:i:s'),
|
|
'bucket_tokens' => 0,
|
|
'bucket_last_update' => 0,
|
|
'type' => 'testing',
|
|
]);
|
|
|
|
// Setup SFTP directory
|
|
umask(0002);
|
|
if (mkdir(CONF['ht']['ht_path'] . '/' . $id, 0775) !== true)
|
|
output(500, 'Can\'t create user directory.');
|
|
exec(CONF['ht']['sudo_path'] . ' ' . CONF['ht']['chgrp_path'] . ' ' . CONF['ht']['sftpgo_group'] . ' ' . CONF['ht']['ht_path'] . '/' . $id . ' --no-dereference', result_code: $code);
|
|
if ($code !== 0)
|
|
output(500, 'Can\'t change user directory group.');
|
|
|
|
// Setup Tor config directory
|
|
if (mkdir(CONF['ht']['tor_config_path'] . '/' . $id, 0755) !== true)
|
|
output(500, 'Can\'t create Tor config directory.');
|
|
|
|
// Setup Tor keys directory
|
|
exec(CONF['ht']['sudo_path'] . ' -u ' . CONF['ht']['tor_user'] . ' ' . CONF['ht']['mkdir_path'] . ' --mode=0700 ' . CONF['ht']['tor_keys_path'] . '/' . $id, result_code: $code);
|
|
if ($code !== 0)
|
|
output(500, 'Can\'t create Tor keys directory.');
|
|
|
|
$_SESSION['id'] = $id;
|
|
$_SESSION['display-username'] = htmlspecialchars($_POST['username']);
|
|
$_SESSION['type'] = 'testing';
|
|
|
|
redir();
|
|
}
|
|
|
|
?>
|
|
|
|
<p>Déjà un compte ? <a class="auth" href="login">Se connecter</a></p>
|
|
|
|
<form method="post">
|
|
|
|
<label for="username">Identifiant</label>
|
|
<br>
|
|
<input id="username" minlength="1" maxlength="1024" pattern="<?= USERNAME_REGEX ?>" required="" name="username" type="text" placeholder="<?= PLACEHOLDER_USERNAME ?>"><br>
|
|
|
|
<details>
|
|
<summary><label for="password">Clé de passe</label></summary>
|
|
<p>Une clé de passe sécurisée est trop compliquée à deviner pour une attaque qui testerait automatiquement plein de clés de passe tout en connaissant d'autres informations et secrets sur vous.</p>
|
|
<p>Minimum 8 caractères si elle contient minuscule, majuscule et chiffre, ou minimum 10 caractères sinon.</p>
|
|
</details>
|
|
<input autocomplete="new-password" id="password" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" required="" name="password" type="password" placeholder="<?= PLACEHOLDER_PASSWORD ?>">
|
|
<br>
|
|
<input type="submit">
|
|
</form>
|