From a845b328e326fc8c827ca43fafd43e8c39640275 Mon Sep 17 00:00:00 2001
From: alex <alex@alexloehr.net>
Date: Wed, 18 Jun 2025 09:38:52 +0000
Subject: [PATCH] adding iliastoken

---
 lib/libIlias.js       |    4 +++-
 settings.default.json |    3 ++-
 php/alex.php          |   19 +++++++++++++++++--
 3 files changed, 22 insertions(+), 4 deletions(-)

diff --git a/lib/libIlias.js b/lib/libIlias.js
index b3d02a9..3badcb9 100644
--- a/lib/libIlias.js
+++ b/lib/libIlias.js
@@ -11,7 +11,7 @@
 const settings = require("../settings")
 const {getObjIdFromRefId} = require("./db")
 const db = require("./db")
-const {url} = settings.ilias
+const {url, iliastoken} = settings.ilias
 
 /////////////////////////////////////////////////////////////////////////
 
@@ -21,6 +21,7 @@
       obj_id,
       // dry: "1",
       dry: dry ? "1" : "0",
+      token: iliastoken,
    })
    let url2 = `${url}?${sp.toString()}`
    const res = await fetch(url2, {method: "DELETE"})
@@ -57,6 +58,7 @@
       obj_id,
       usr_id,
       dry: dry ? "1" : "0",
+      token: iliastoken,
    })
    let url2 = `${url}?${sp.toString()}`
    console.log("libIlias.deleteTeilnahme >>>", url2)
diff --git a/php/alex.php b/php/alex.php
index 9f94cbf..3f6ff54 100644
--- a/php/alex.php
+++ b/php/alex.php
@@ -1,20 +1,24 @@
 <?php
 declare(strict_types=1);
 
+$token = "jkhHKhui899HUKHBzGHtgoiedko2393490";
+
 try {
     # Init ILIAS
     require_once("Services/Init/classes/class.ilInitialisation.php");
     ilInitialisation::initILIAS();
 
-    include_once 'Services/Context/classes/class.ilContext.php';
-    ilContext::init(ilContext::CONTEXT_REST);
+    #include_once 'Services/Context/classes/class.ilContext.php';
+    #ilContext::init(ilContext::CONTEXT_REST);
 
     header("Content-Type: application/json; charset=UTF-8");
 
     $method = $_SERVER['REQUEST_METHOD'];
+    $curtoken = $_GET["token"];
     $command = $_GET["command"];
     $obj_id = (int) $_GET["obj_id"];
     $dry = $_GET["dry"]; # "0" = false, "1" = true
+
 
     $res = array(
         "method" => $method,
@@ -23,6 +27,16 @@
         "status" => null,
         "msg" => null
     );
+
+    // check token
+    if($token !== $curtoken) {
+        http_response_code(403);
+        $res["status"] = "error";
+        $res["msg"] = "access denied";
+        $json = json_encode($res, JSON_PRETTY_PRINT);
+        echo $json;
+        die(); // this ends here
+    }
 
     try {
         switch ($command) {
@@ -92,3 +106,4 @@
 }
 
 ?>
+
diff --git a/settings.default.json b/settings.default.json
index a4ca905..3f2f582 100644
--- a/settings.default.json
+++ b/settings.default.json
@@ -14,6 +14,7 @@
    },
    "ilias": {
       "urlDoc": "Url of custom ILIAS PHP file",
-      "url": "http://192.168.178.84:8060/alex.php"
+      "url": "http://192.168.178.84:8060/alex.php",
+      "iliastoken": "jkhHKhui899HUKHBzGHtgoiedko2393490"
    }
 }

--
Gitblit v1.8.0