<?php
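/**
 * Authentication Setup Script
 * Run this script once to set up the authentication system
 *
 * Usage: php setup_auth.php
 * Or via browser: http://your-domain/setup_auth.php
 *
 * IMPORTANT: Delete this file after running it! Until the .auth_setup_done
 * lock file exists, every request to this URL re-runs the setup and creates
 * the admin and guest accounts, or resets their passwords, using the defaults
 * hard-coded below.
 */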
// Run-once guard. The marker file sits next to this script; the script itself
// writes it further down, and only after a run that recorded no errors.
$lockFile = __DIR__ . '/.auth_setup_done';

if (file_exists($lockFile)) {
    // Marker present: stop before any database work is attempted.
    exit('Setup has already been completed. Delete .auth_setup_done to run again.');
}
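require_once __DIR__ . '/vendor/autoload.php';

use Dotenv\Dotenv;

// Read DB_HOST, DB_NAME, DB_USER and DB_PASS from the .env file in this directory.
// NOTE(review): this directory is also where the browser-reachable script lives;
// confirm the web server refuses to serve dotfiles such as .env.
$dotenv = Dotenv::createImmutable(__DIR__);
$dotenv->load();

try {
    $db = new PDO(
        "mysql:host={$_ENV['DB_HOST']};dbname={$_ENV['DB_NAME']};charset=utf8mb4",
        $_ENV['DB_USER'],
        $_ENV['DB_PASS'],
        [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]
    );
} catch (PDOException $e) {
    // A failed connection used to surface as an uncaught exception. With
    // display_errors on, that renders the driver message (which can name the
    // DB host and user) and a stack trace to whoever requested the page.
    // Keep the detail in the server log and show a generic message instead.
    error_log('setup_auth: database connection failed: ' . $e->getMessage());
    http_response_code(500); // has no effect when run from the CLI
    echo "Database connection failed. Check the DB_* values in .env and the server error log.\n";
    exit(1);
}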
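// Messages collected during the run and printed by the report at the end of the script.
$errors = [];
$success = [];

// Run migration
try {
    $migrationFile = __DIR__ . '/migrations/003_add_authentication.sql';

    // file_get_contents() returns false on failure; without this check a missing
    // file produced zero statements and was still reported as a completed migration.
    if (!is_readable($migrationFile)) {
        throw new RuntimeException('migrations/003_add_authentication.sql is missing or unreadable');
    }
    $sql = file_get_contents($migrationFile);
    if ($sql === false) {
        throw new RuntimeException('migrations/003_add_authentication.sql could not be read');
    }

    // Split by semicolons and execute each statement. array_filter() already drops
    // the empty fragments left by trailing semicolons.
    // NOTE(review): a plain split on ';' breaks any statement that contains a
    // semicolon inside a string literal or a stored routine body.
    $statements = array_filter(array_map('trim', explode(';', $sql)));

    $sqlErrorCount = 0;

    foreach ($statements as $statement) {
        try {
            $db->exec($statement);
        } catch (PDOException $e) {
            // Tolerated SQLSTATEs: 42S01 (table already exists) and 23000
            // (integrity constraint violation, e.g. a duplicate row on re-run).
            // NOTE(review): 23000 also covers foreign-key and NOT NULL violations,
            // which are therefore ignored as well.
            $sqlState = (string) $e->getCode();
            if (!in_array($sqlState, ['42S01', '23000'], true)) {
                // These messages are shown to whoever runs the script, including browser users.
                $errors[] = "SQL Error: " . $e->getMessage();
                $sqlErrorCount++;
            }
        }
    }

    // Report success only when every statement ran or failed with a tolerated code.
    if ($sqlErrorCount === 0) {
        $success[] = "Database migration completed";
    }
} catch (Exception $e) {
    $errors[] = "Migration failed: " . $e->getMessage();
}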
// Provision the built-in admin account with a bcrypt hash of its initial password.
// NOTE(review): the initial password is a literal in source, so it is the same on
// every install and readable by anyone with access to this file. Prefer a
// per-install random value (random_bytes()) or one supplied by the operator, and
// force a change at first login.
$adminPassword = 'Admin@2026!';
$adminHash = password_hash($adminPassword, PASSWORD_BCRYPT);

try {
    // NOTE(review): ON DUPLICATE KEY UPDATE replaces the stored hash when the row
    // already exists (presumably via a unique key on username or email, to be
    // confirmed against the migration), so a re-run resets an existing admin's
    // password to the default above.
    $upsertAdmin = $db->prepare("
        INSERT INTO users (username, email, password_hash, role, is_active)
        VALUES ('admin', 'admin@telvero.nl', ?, 'admin', 1)
        ON DUPLICATE KEY UPDATE password_hash = VALUES(password_hash)
    ");
    $upsertAdmin->execute([$adminHash]);

    // The clear-text password is part of this message and is printed by the report.
    $success[] = sprintf('Admin user created/updated (username: admin, password: %s)', $adminPassword);
} catch (Exception $e) {
    $errors[] = 'Failed to create admin user: ' . $e->getMessage();
}
// Provision the built-in guest account with a bcrypt hash of its initial password.
// NOTE(review): as with the admin account, the initial password is a literal in
// source and identical on every install; prefer a generated or operator-supplied
// value, or leave the account disabled until a password is set.
$guestPassword = 'Guest@2026!';
$guestHash = password_hash($guestPassword, PASSWORD_BCRYPT);

try {
    // NOTE(review): an existing guest row has its hash overwritten on every run
    // (presumably via a unique key on username or email, to be confirmed).
    $upsertGuest = $db->prepare("
        INSERT INTO users (username, email, password_hash, role, is_active)
        VALUES ('guest', 'guest@telvero.nl', ?, 'guest', 1)
        ON DUPLICATE KEY UPDATE password_hash = VALUES(password_hash)
    ");
    $upsertGuest->execute([$guestHash]);

    // The clear-text password is part of this message and is printed by the report.
    $success[] = sprintf('Guest user created/updated (username: guest, password: %s)', $guestPassword);
} catch (Exception $e) {
    $errors[] = 'Failed to create guest user: ' . $e->getMessage();
}
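// Create lock file. It is the only thing that stops this script from running
// again, so a failed write must be reported instead of silently ignored.
// NOTE(review): the lock is skipped whenever an earlier step recorded an error,
// which leaves the script re-runnable (also over HTTP) until it succeeds or is deleted.
if (empty($errors)) {
    $written = file_put_contents($lockFile, date('Y-m-d H:i:s'), LOCK_EX);

    if ($written === false) {
        // Surface the failure through the same error list that the report prints.
        $errors[] = "Could not write .auth_setup_done; setup is NOT locked and can be run again. "
            . "Create the file manually or delete this script.";
    }
}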
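// Output results: plain text on the command line, an HTML page in the browser.
// Both variants list the collected messages and the initial credentials.
$isCli = php_sapi_name() === 'cli';

if ($isCli) {
    echo "\n=== Authentication Setup ===\n\n";

    if (!empty($success)) {
        echo "✓ SUCCESS:\n";
        foreach ($success as $msg) {
            echo " - {$msg}\n";
        }
    }

    if (!empty($errors)) {
        echo "\n✗ ERRORS:\n";
        foreach ($errors as $msg) {
            echo " - {$msg}\n";
        }
    }

    // Print the values that were actually hashed instead of repeating the literals.
    echo "\n=== Default Credentials ===\n";
    echo "Admin: admin / {$adminPassword}\n";
    echo "Guest: guest / {$guestPassword}\n";
    echo "\n⚠️ IMPORTANT: Change these passwords after first login!\n";

    // Only claim completion when no step recorded an error; the lock file is
    // not written in that case, so the script can be run again.
    if (empty($errors)) {
        echo "\n✓ Setup complete. This script can now be deleted.\n\n";
    } else {
        echo "\n✗ Setup finished with errors. Resolve them and run the script again.\n\n";
    }
} else {
    // This page contains clear-text credentials: ask browsers and intermediaries
    // not to store it. Skipped if output has already started.
    if (!headers_sent()) {
        header('Cache-Control: no-store');
    }

    // NOTE(review): the Bootstrap stylesheet below is loaded from a CDN without
    // Subresource Integrity. Add integrity="sha384-<digest of the pinned file>"
    // and crossorigin="anonymous", or serve the file locally.
?>
<!DOCTYPE html>
<html lang="nl">
<head>
    <meta charset="UTF-8">
    <title>Auth Setup - Telvero Talpa</title>
    <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css">
</head>
<body class="bg-light">
<div class="container mt-5">
    <div class="row justify-content-center">
        <div class="col-md-8">
            <h1><i class="bi bi-shield-check"></i> Authentication Setup</h1>

            <?php if (!empty($success)): ?>
            <div class="card mb-3 border-success">
                <div class="card-header bg-success text-white">✓ Succesvol</div>
                <div class="card-body">
                    <ul class="mb-0">
                        <?php foreach ($success as $msg): ?>
                        <li><?= htmlspecialchars($msg, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?></li>
                        <?php endforeach; ?>
                    </ul>
                </div>
            </div>
            <?php endif; ?>

            <?php if (!empty($errors)): ?>
            <div class="card mb-3 border-danger">
                <div class="card-header bg-danger text-white">✗ Fouten</div>
                <div class="card-body">
                    <ul class="mb-0">
                        <?php foreach ($errors as $msg): ?>
                        <li><?= htmlspecialchars($msg, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?></li>
                        <?php endforeach; ?>
                    </ul>
                </div>
            </div>
            <?php endif; ?>

            <div class="card mb-3 border-warning">
                <div class="card-header bg-warning">⚠️ Standaard Inloggegevens</div>
                <div class="card-body">
                    <table class="table table-sm mb-0">
                        <thead>
                            <tr><th>Gebruiker</th><th>Wachtwoord</th><th>Rol</th></tr>
                        </thead>
                        <tbody>
                            <tr>
                                <td><strong>admin</strong></td>
                                <td><code><?= htmlspecialchars($adminPassword, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?></code></td>
                                <td><span class="badge bg-danger">Admin</span></td>
                            </tr>
                            <tr>
                                <td><strong>guest</strong></td>
                                <td><code><?= htmlspecialchars($guestPassword, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?></code></td>
                                <td><span class="badge bg-secondary">Guest</span></td>
                            </tr>
                        </tbody>
                    </table>
                    <div class="alert alert-warning mt-3 mb-0">
                        <strong>Belangrijk:</strong> Wijzig deze wachtwoorden na de eerste login!
                    </div>
                </div>
            </div>

            <div class="d-flex gap-2">
                <a href="/auth/login.php" class="btn btn-primary">
                    Ga naar Login
                </a>
                <a href="/admin/users.php" class="btn btn-secondary">
                    Gebruikersbeheer
                </a>
            </div>
        </div>
    </div>
</div>
</body>
</html>
<?php
}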