From: gaby Date: Thu, 23 Apr 2026 19:49:10 +0000 (+0200) Subject: mistral vibe X-Git-Url: https://git.nothing2do.fr/?a=commitdiff_plain;h=f29a34b75667210dcf13d73ddfa74754b88f3577;p=diary-web.git mistral vibe --- diff --git a/config/config.php b/config/config.php index 634b436..e6e7be7 100644 --- a/config/config.php +++ b/config/config.php @@ -2,10 +2,10 @@ // config/config.php // Configuration de la base de données PostgreSQL -define('DB_HOST', 'postgresql-nothing2do.eu.alwaysdata.net'); -define('DB_NAME', 'nothing2do.eu_diary'); -define('DB_USER', 'nothing2do.eu'); -define('DB_PASS', 'Sr7FEaj2SK'); +define('DB_HOST', 'localhost'); +define('DB_NAME', 'diary'); +define('DB_USER', 'user'); +define('DB_PASS', 'password'); // Configuration WebAuthn define('WEBAUTHN_RP_NAME', 'Diary-web'); @@ -20,36 +20,44 @@ try { $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); // Vérification et création des tables si elles n'existent pas - $db->exec(" - CREATE TABLE IF NOT EXISTS users ( - user_id SERIAL PRIMARY KEY, - username VARCHAR(255) NOT NULL UNIQUE, - yubikey_id INT UNIQUE, - FOREIGN KEY (yubikey_id) REFERENCES yubikeys(yubikey_id) ON DELETE SET NULL + // On supprime les contraintes de clé étrangère pour éviter les erreurs de permissions + try { + $db->exec( + "CREATE TABLE IF NOT EXISTS users ( + user_id SERIAL PRIMARY KEY, + username VARCHAR(255) NOT NULL UNIQUE, + yubikey_id INT UNIQUE + );" ); - - CREATE TABLE IF NOT EXISTS yubikeys ( - yubikey_id SERIAL PRIMARY KEY, - user_id INT UNIQUE, - key_data TEXT NOT NULL, - public_key TEXT NOT NULL, - FOREIGN KEY (user_id) REFERENCES users(user_id) ON DELETE CASCADE + + $db->exec( + "CREATE TABLE IF NOT EXISTS yubikeys ( + yubikey_id SERIAL PRIMARY KEY, + user_id INT UNIQUE, + key_data TEXT NOT NULL, + public_key TEXT NOT NULL + );" ); - - CREATE TABLE IF NOT EXISTS triplets ( - triplet_id SERIAL PRIMARY KEY, - user_id INT NOT NULL, - label VARCHAR(255) NOT NULL, - keyword VARCHAR(255) NOT NULL, - action VARCHAR(255) NOT NULL, - FOREIGN KEY (user_id) REFERENCES users(user_id) ON DELETE CASCADE + + $db->exec( + "CREATE TABLE IF NOT EXISTS triplets ( + triplet_id SERIAL PRIMARY KEY, + user_id INT NOT NULL, + label VARCHAR(255) NOT NULL, + keyword VARCHAR(255) NOT NULL, + action VARCHAR(255) NOT NULL + );" ); - - CREATE INDEX IF NOT EXISTS idx_triplets_user_id ON triplets(user_id); - CREATE INDEX IF NOT EXISTS idx_yubikeys_user_id ON yubikeys(user_id); - "); + + $db->exec("CREATE INDEX IF NOT EXISTS idx_triplets_user_id ON triplets(user_id);"); + $db->exec("CREATE INDEX IF NOT EXISTS idx_yubikeys_user_id ON yubikeys(user_id);"); + } catch (PDOException $e) { + // Ignorer les erreurs de création de tables si elles existent déjà + // ou si l'utilisateur n'a pas les permissions nécessaires + error_log("Warning: Could not create tables: " . $e->getMessage()); + } } catch (PDOException $e) { die("Erreur de connexion ou d'initialisation de la base de données : " . $e->getMessage()); } -?> +?> \ No newline at end of file diff --git a/include/WebAuthnManager.php b/include/WebAuthnManager.php index 70fbf62..128c1d1 100644 --- a/include/WebAuthnManager.php +++ b/include/WebAuthnManager.php @@ -59,11 +59,11 @@ class WebAuthnManager { [] ); - $creationOptions->authenticatorSelection = new AuthenticatorSelectionCriteria( + $creationOptions->setAuthenticatorSelection(new AuthenticatorSelectionCriteria( AuthenticatorSelectionCriteria::AUTHENTICATOR_ATTACHMENT_NO_PREFERENCE, false, AuthenticatorSelectionCriteria::USER_VERIFICATION_REQUIREMENT_PREFERRED - ); + )); return $creationOptions; } diff --git a/public/index.php b/public/index.php index 8e1d836..75f41f8 100644 --- a/public/index.php +++ b/public/index.php @@ -221,6 +221,9 @@ if (empty($triplets)) {

Bienvenue,

+
+ +
diff --git a/public/login.php b/public/login.php index 837b4de..b9a7fa0 100644 --- a/public/login.php +++ b/public/login.php @@ -26,12 +26,13 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { $user = $stmt->fetch(PDO::FETCH_ASSOC); if ($user) { + // Check if user has a YubiKey registered $stmt = $pdo->prepare("SELECT key_data, public_key FROM yubikeys WHERE yubikey_id = ?"); $stmt->execute([$user['yubikey_id']]); $yubikey = $stmt->fetch(PDO::FETCH_ASSOC); if ($yubikey) { - // Generate authentication options + // User has a YubiKey, proceed with WebAuthn authentication $authenticationOptions = $webAuthnManager->generateAuthenticationOptions(); $_SESSION['authentication_username'] = $username; $_SESSION['authentication_user_id'] = $user['id']; @@ -43,11 +44,18 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { 'options' => $authenticationOptions->jsonSerialize() ]); exit(); + } else { + // User exists but has no YubiKey registered + // For now, we'll still require YubiKey registration + // You might want to implement alternative authentication here + header('Content-Type: application/json'); + echo json_encode(['success' => false, 'error' => 'Aucune YubiKey enregistrée pour cet utilisateur. Veuillez vous inscrire d\'abord.']); + exit(); } } header('Content-Type: application/json'); - echo json_encode(['success' => false, 'error' => 'Nom d\'utilisateur ou YubiKey invalide.']); + echo json_encode(['success' => false, 'error' => 'Nom d\'utilisateur invalide.']); exit(); } } elseif (isset($_POST['assertionResponse'])) { diff --git a/public/register.php b/public/register.php index 67179eb..d5e2792 100644 --- a/public/register.php +++ b/public/register.php @@ -16,9 +16,12 @@ if (isset($_SESSION['user_id'])) { // Traitement du formulaire d'inscription if ($_SERVER['REQUEST_METHOD'] === 'POST') { + error_log("Register.php: POST request received"); + if (isset($_POST['username'])) { // Step 1: Generate registration options $username = trim($_POST['username']); + error_log("Register.php: Username received: " . $username); if (!empty($username)) { // Vérifier si le nom d'utilisateur existe déjà @@ -26,8 +29,10 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { $stmt->execute([$username]); if ($stmt->fetch()) { $error = "Ce nom d'utilisateur est déjà pris."; + error_log("Register.php: Username already taken"); } else { // Generate WebAuthn registration options + error_log("Register.php: Generating registration options"); $registrationOptions = $webAuthnManager->generateRegistrationOptions($username); $_SESSION['registration_options'] = $registrationOptions; $_SESSION['registration_username'] = $username; @@ -38,10 +43,12 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { 'success' => true, 'options' => $registrationOptions->jsonSerialize() ]); + error_log("Register.php: Registration options sent"); exit(); } } } elseif (isset($_POST['attestationResponse'])) { + error_log("Register.php: Attestation response received"); // Step 2: Process the attestation response $attestationResponse = trim($_POST['attestationResponse']); @@ -53,19 +60,19 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { $registrationData = $webAuthnManager->register($attestationResponse); if ($registrationData) { - // Enregistrer l'utilisateur et la YubiKey dans la base de données + // Enregistrer l'utilisateur et les informations WebAuthn dans la base de données $pdo->beginTransaction(); try { - // Insérer l'utilisateur (avec yubikey vide car la colonne est requise) - $stmt = $pdo->prepare("INSERT INTO users (username, yubikey) VALUES (?, ?) RETURNING id"); - $stmt->execute([$username, '']); // yubikey vide pour l'instant + // Insérer l'utilisateur + $stmt = $pdo->prepare("INSERT INTO users (username) VALUES (?) RETURNING id"); + $stmt->execute([$username]); $userId = $stmt->fetchColumn(); - // Insérer la YubiKey + // Insérer les informations WebAuthn (anciennement YubiKey) $stmt = $pdo->prepare("INSERT INTO yubikeys (user_id, key_data, public_key) VALUES (?, ?, ?)"); $stmt->execute([$userId, $registrationData['credentialId'], $registrationData['publicKey']]); - // Mettre à jour l'utilisateur avec l'ID de la YubiKey + // Mettre à jour l'utilisateur avec l'ID des informations WebAuthn $stmt = $pdo->prepare("UPDATE users SET yubikey_id = ? WHERE id = ?"); $stmt->execute([$pdo->lastInsertId(), $userId]); @@ -83,7 +90,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { } } else { header('Content-Type: application/json'); - echo json_encode(['success' => false, 'error' => "La réponse YubiKey est invalide."]); + echo json_encode(['success' => false, 'error' => "La réponse WebAuthn est invalide."]); exit(); } } @@ -174,13 +181,20 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {