--[[
This module holds the functions used by the cookie-challenge protection.
In short, it sends a 307 response with a Set-Cookie header carrying a security hash,
and the presence of that hash is checked on the following requests.
--]]
local _M = {}

-- Site configuration; cookieSecret is the secret salt mixed into every challenge hash.
local o2config = require "lib/o2switch_config"

-- Cache the OpenResty primitives used below in locals (register access instead of
-- a global table lookup on every call).
local md5, today, time, cookieTime = ngx.md5, ngx.today, ngx.time, ngx.cookie_time

-- Read once at module load (require caches the module body), so rotating
-- cookieSecret takes effect only after a reload.
local salt = o2config.cookieSecret
--- Compute the challenge cookie value for one client.
-- The hash binds the cookie to the client IP, its User-Agent, the site domain,
-- the secret salt and the current day (ngx.today), so a value stops validating
-- once the day changes or the client changes address or User-Agent.
-- NOTE(review): the fields are concatenated with no delimiter, so two distinct
-- (ip, ua, domain) tuples can produce the same input string; a separator would
-- remove that ambiguity but would change every value already issued.
-- NOTE(review): this is a plain MD5 over client-visible inputs plus the salt, not
-- an HMAC; the cookie value is handed to the client, so the strength of
-- cookieSecret is what stops offline guessing — confirm it is a long random value.
-- @param clientip The client (browser) ip address
-- @param ua The client User Agent; nil is replaced by "-"
-- @param domain The domain name
-- @return The challenge cookie value (an MD5 hex digest)
function _M.getChallengeCookieValue(clientip, ua, domain)
  local agent = ua or '-'
  local material = clientip .. agent .. domain .. salt .. today()
  return md5(material)
end
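--- Send a 307 response that sets the challenge cookie and redirects the browser
-- back to the same URL, so it re-sends the request with the cookie attached.
-- @param domain The domain name; used as the cookie's domain attribute. Assumes the
-- caller passes a trusted, validated value — the attribute is built by string
-- concatenation, so a value carrying ';' or CR/LF would alter the header.
-- @param cookieName The name of the cookie used in the challenge
-- @param cookieValue The value of the cookie (@see the getChallengeCookieValue function)
-- @return nothing. It sends the Nginx response directly and ends the request.
function _M.send307WithCookie(domain, cookieName, cookieValue)
  ngx.status = 307
  ngx.header.content_type = "text/html; charset=UTF-8"
  ngx.header.cache_control = "private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0"
  ngx.header.expires = "Thu, 01 Jan 1970 00:00:01 GMT"
  -- The standard header is "Referrer-Policy" (two r's); the previously emitted
  -- "Referer-Policy" is not a recognised header and was ignored by browsers.
  -- ngx_lua turns the underscore into a dash, as for the other headers here.
  ngx.header.referrer_policy = "same-origin"
  local scheme = ngx.var.scheme
  -- One-day lifetime, matching the daily rotation of the hash (ngx.today).
  local attributes = '; domain=.' .. domain .. '; expires=' .. cookieTime(time() + 86400) .. '; path=/; SameSite=Lax; HttpOnly'
  if scheme == "https" then
    -- A cookie issued over TLS must not be sent back over plaintext.
    attributes = attributes .. '; Secure'
  end
  ngx.header.set_cookie = cookieName .. '=' .. cookieValue .. attributes
  -- Force empty response otherwise the redirect will not happen and the browser will display the response
  -- ngx.header.content_length = 0
  -- ngx.var.http_host is nil when the request carries no Host header, which would
  -- make the concatenation raise; fall back to the server-side host variable.
  local host = ngx.var.http_host or ngx.var.host
  ngx.header.location = scheme .. "://" .. host .. ngx.var.request_uri
  ngx.header.tiger_protect_security = "https://faq.o2switch.fr/hebergement-mutualise/tutoriels-cpanel/tiger-protect"
  ngx.say("")
  ngx.exit(ngx.HTTP_OK)
end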
-- Export the module table; require caches it so the body above runs once.
return _M