From 6c50b051bc4314e6ab63ff50512516f2a605ff25 Mon Sep 17 00:00:00 2001
From: Bryan
Date: Thu, 6 Jun 2019 00:59:20 +0200
Subject: [PATCH] Added secondary security login with double password
---
 lib/js/login.js | 3 ++-
 lib/php/login.php | 27 +++++++++++++++++----------
 2 files changed, 19 insertions(+), 11 deletions(-)
diff --git a/lib/js/login.js b/lib/js/login.js
index 400e768..91d22ce 100644
--- a/lib/js/login.js
+++ b/lib/js/login.js
@@ -1,7 +1,7 @@
 function login ( ) {
 var username = document.getElementById ( "form-username" ).value;
 var password = document.getElementById ( "form-password" ).value;
- password = SHA512 ( password );
+ hashedpassword = SHA512 ( password );
 var xhr = new XMLHttpRequest ( );
 xhr.open ( "POST", 'login', true );
 xhr.onreadystatechange = function ( ) {
@@ -24,6 +24,7 @@ function login ( ) {
 data = new FormData ( );
 data.append('username', username);
 data.append('password', password);
+ data.append('hashedpassword', hashedpassword);
 xhr.send( data );
 }
diff --git a/lib/php/login.php b/lib/php/login.php
index fc7cae7..4521748 100644
--- a/lib/php/login.php
+++ b/lib/php/login.php
@@ -7,16 +7,8 @@
 include ( 'lib/php/forgot.php' );
 exit;
 }
- if ( isset ( $_POST [ 'username' ] ) && isset ( $_POST [ 'password' ] ) ) {
- $username = $_POST [ 'username' ];
- $password = $_POST [ 'password' ];
- $database = new Database ( $config [ 'db' ] );
- $database->connect ( );
- $database->prepare ( "SELECT users.id FROM users WHERE users.username = :username AND users.password = :password" );
- $database->bind ( [ ':username' => $username, ':password' => $password ] );
- $database->execute ( );
- $result = $database->get_result ( );
- if ( $result->rowCount ( ) == 0 ) {
+ if ( isset ( $_POST [ 'username' ] ) && isset ( $_POST [ 'password' ] ) && isset ( $_POST [ 'hashedpassword' ] ) ) {
+ function wrong_credentials ( ) {
 header ( 'Content-Type: application/json' );
 http_response_code ( 401 );
 $response = [
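Review bot: `hashedpassword = SHA512 ( password );` assigns to an identifier that is never declared, so outside strict mode it becomes a global that any other script on the page can read or overwrite; declare it locally, `var hashedpassword = SHA512 ( password );`, matching the `var` used for `username` and `password` two lines above. Because `password` is no longer overwritten with its digest, the second hunk of this file now appends the plaintext password to the FormData next to the digest, so the credential leaves the browser in clear text where the previous code sent only its SHA-512. Sending both values gains nothing on the server side either: a digest recomputed from a plaintext in the same request will always match for any sender that builds the pair itself, so it does not distinguish a legitimate client from anyone else. If the intent is to keep the plaintext off the wire, send only the digest as before; if the intent is to let the server do the hashing, send only the plaintext over TLS and drop the client-side SHA-512 entirely.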
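Review bot: The widened `isset` condition only checks that `username`, `password` and `hashedpassword` are present, but a `$_POST` field can arrive as an array (e.g. `password[]`), and the `hash`/`strcasecmp` calls that consume these values in the next hunk would then fail with a TypeError instead of returning the intended 401; tighten the guard to `if ( isset ( $_POST [ 'username' ], $_POST [ 'password' ], $_POST [ 'hashedpassword' ] ) && is_string ( $_POST [ 'password' ] ) && is_string ( $_POST [ 'hashedpassword' ] ) ) {`. Declaring `function wrong_credentials ( )` inside the `if` body makes it a conditional function declaration that exists only once this branch executes, and if this script can be included more than once per request it would fatal with a redeclaration error — a closure assigned to a local, or a top-level declaration, avoids both concerns. Note also that the check introduced in the following hunk compares a client-supplied digest with the SHA-512 of a client-supplied plaintext from the same request, so it adds no authentication strength, and the database lookup still matches against an unsalted SHA-512 (`strtoupper ( $hashedpassword )`); a server-side `password_hash`/`password_verify` flow would be the usual replacement. The `if` block opened here continues into the next hunk, whose end lies outside the visible text.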
@@ -26,6 +18,21 @@
 echo ( json_encode ( $response ) );
 exit;
 }
+ $username = $_POST [ 'username' ];
+ $password = $_POST [ 'password' ];
+ $hashedpassword = $_POST [ 'hashedpassword' ];
+ if ( strcasecmp ( hash ( "sha512", $password ), $hashedpassword ) != 0 ) {
+ wrong_credentials ( );
+ }
+ $database = new Database ( $config [ 'db' ] );
+ $database->connect ( );
+ $database->prepare ( "SELECT users.id FROM users WHERE users.username = :username AND users.password = :password" );
+ $database->bind ( [ ':username' => $username, ':password' => strtoupper ( $hashedpassword ) ] );
+ $database->execute ( );
+ $result = $database->get_result ( );
+ if ( $result->rowCount ( ) == 0 ) {
+ wrong_credentials ( );
+ } else {
 $row = $result->fetchAll ( ) [ 0 ];
 $_SESSION [ 'user_id' ] = $row [ 'id' ];