Apache Form Login Tutorial

benutzer /srv/1

httpd.apache.org/docs/2.4/programs ↗

$ which htpasswd

$ htpasswd -c usr/conf/passwd <Benutzer>

benutzer

$ sqlite3 usr/data.sqlite3

> .tables

> CREATE TABLE session (value VARCHAR(255), expiry VARCHAR(255), key VARCHAR(255));

> .quit

benutzer /srv/1

$ vi usr/conf/httpd.conf

+ LoadModule auth_form_module modules/mod_auth_form.so + LoadModule dbd_module modules/mod_dbd.so + LoadModule request_module modules/mod_request.so + LoadModule session_module modules/mod_session.so + LoadModule session_dbd_module modules/mod_session_dbd.so

benutzer

$ vi usr/conf/httpd.conf

# # Note that from this point forward you must specifically allow # particular features to be enabled - so if something's not working as # you might expect, make sure that you have specifically enabled it # below. # + DBDriver sqlite3 + + DBDParams "/srv/1/usr/data.sqlite3" + + DBDPrepareSQL "INSERT INTO session (value, expiry, key) VALUES (%s, %lld, %s)" insertsession + DBDPrepareSQL "SELECT value FROM session WHERE key = %s AND (expiry = 0 OR expiry > %lld)" selectsession + DBDPrepareSQL "UPDATE session SET value = %s, expiry = %lld, key = %s WHERE key = %s" updatesession + DBDPrepareSQL "DELETE FROM session WHERE key = %s" deletesession + DBDPrepareSQL "DELETE FROM session WHERE expiry != 0 AND expiry < %lld" cleansession

benutzer

$ vi usr/conf/httpd.conf

+ <Location "/admin"> + + AuthFormProvider file + AuthUserFile "conf/passwd" + AuthType form + AuthName "/admin" + + AuthFormLoginRequiredLocation "/admin.html" + AuthFormLoginSuccessLocation "/admin" + AuthFormLogoutLocation "/admin.html" + + + Session On + + SessionDBDPerUser On + SessionDBDCookieName session path=/ + + + Require valid-user + + + <If "%{QUERY_STRING} == 'einloggen'"> + SetHandler form-login-handler + </If> + + <If "%{QUERY_STRING} == 'ausloggen'"> + SetHandler form-logout-handler + </If> + + </Location>

$ apachectl configtest

$ su root -c "usr/bin/apachectl restart"

benutzer /srv/1

$ mkdir usr/htdocs/admin

$ vi usr/htdocs/admin.html

<!DOCTYPE html> <html lang=de> <head> <title> Admin </title> </head> <body> <form method=POST action=/admin?einloggen> Benutzername: <input type=text name=httpd_username value=""> Passwort: <input type=password name=httpd_password value=""> <input type=submit name=login value=Einloggen> </form> </body>