CSRFトークンの追加

2025-12-08 03:18:12 +09:00
parent d810b7155f
commit 4085b77f6a
5 changed files with 61 additions and 44 deletions
--- a/src/Site/Controller/User.php
+++ b/src/Site/Controller/User.php
@@ -18,10 +18,16 @@ class User {
        exit();
      }

-      $doLogin = count($_POST) > 0;
+      $doLogin = $_SERVER['REQUEST_METHOD'] === 'POST';
      $error = '';

      if ($doLogin) {
+        if (!\verify_csrf_token($_POST['csrf_token'])) {
+          header('Location: /');
+          exit();
+        }
+        unset($_POST['csrf_token']);
+
        $a = [];
        if (count($_POST) === 2) {
          $i = 0;
@@ -91,6 +97,12 @@ class User {
      $nyuE = '';

      if ($doRegister) {
+        if (!\verify_csrf_token($_POST['csrf_token'])) {
+          header('Location: /');
+          exit();
+        }
+        unset($_POST['csrf_token']);
+
        $a = [];
        if (count($_POST) === 4) {
          $i = 0;
--- a/src/Site/Lib/Auth.php
+++ b/src/Site/Lib/Auth.php
@@ -51,30 +51,18 @@ class Auth {
    }

    $userData = $this->purgeOldTokens($userData);
-    $expire = 0;
-    $tokenExist = false;
+    $token = bin2hex(random_bytes(64));
+    $expire = time() + $this->tokenDuration;
+    $newToken = [
+      'token' => $token,
+      'ip' => $ip,
+      'createDate' => time(),
+      'expDate' => $expire,
+      'lastDate' => time(),
+      'userAgent' => $_SERVER['HTTP_USER_AGENT'] ?? '不明'
+    ];

-    foreach ($userData->tokens as $t) {
-      if ($t->ip === $ip) {
-        $tokenExist = true;
-        break;
-      }
-    }
-
-    if (!$tokenExist) {
-      $token = bin2hex(random_bytes(64));
-      $expire = time() + $this->tokenDuration;
-      $newToken = [
-        'token' => $token,
-        'ip' => $ip,
-        'createDate' => time(),
-        'expDate' => $expire,
-        'lastDate' => time(),
-        'userAgent' => $_SERVER['HTTP_USER_AGENT'] ?? '不明'
-      ];
-
-      $userData->tokens[] = $newToken;
-    }
+    $userData->tokens[] = $newToken;

    $path = $this->dataDir.$this->id.'.'.$userData->username.'.json';
    $json = json_encode($userData, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES);
@@ -83,20 +71,15 @@ class Auth {
      return \Result::error('エラー：ユーザーデータの保存に失敗。');
    }

-    if (!$tokenExist) {
-      $secure = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off');
-      $domain = $_SERVER['SERVER_NAME'];
-
-      if (!setcookie('kerozen', $token, [
-        'expires' => $expire,
-        'path' => '/',
-        'domain' => $domain,
-        'secure' => $secure,
-        'httponly' => true,
-        'samesite' => 'Strict'
-      ])) {
-        return \Result::error('エラー：クッキーを設定に失敗。');
-      }
+    if (!setcookie('kerozen', $token, [
+      'expires' => $expire,
+      'path' => '/',
+      'domain' => $_SERVER['SERVER_NAME'],
+      'secure' => (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off'),
+      'httponly' => true,
+      'samesite' => 'Strict'
+    ])) {
+      return \Result::error('エラー：クッキーを設定に失敗。');
    }

    return \Result::success('ログイン成功');
@@ -111,8 +94,6 @@ class Auth {

  public function logout(?string $token = null): \Result {
    if (!AUTH_ENABLED) return \Result::Error('エラー：認証システムは無効です。');
-    $secure = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off');
-    $domain = $_SERVER['SERVER_NAME'];
    $userData = $this->getUserData();

    if (!$token) {
@@ -124,8 +105,8 @@ class Auth {
    setcookie('kerozen', null, [
      'expires' => 0,
      'path' => '/',
-      'domain' => $domain,
-      'secure' => $secure,
+      'domain' => $_SERVER['SERVER_NAME'],
+      'secure' => (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off'),
      'httponly' => true,
      'samesite' => 'Strict'
    ]);