eghojansu · January 18, 2022 09:53
diff --git a/basic-auth-page.php b/basic-auth-page.php
 <?php

 // require PHP8

 $users = array(
    'admin' => password_hash('admin123', PASSWORD_BCRYPT),
 );
 $username = $_SERVER['PHP_AUTH_USER'] ?? null;
 $password = $_SERVER['PHP_AUTH_PW'] ?? null;
 $hash = $users[$username] ?? null;

 if ((!$username && !$password) || !$hash || !password_verify($password, $hash)) {
    header('WWW-Authenticate: Basic realm="Example Service"');
    header('HTTP/1.0 401 Unauthorized');
    print($hash ? 'Invalid credentials' : 'Unauthorized');
    exit();
 }

 // Your user has been authenticated
 ?>
 <!DOCTYPE html>
 <html lang="en">
 <head>
    <meta charset="UTF-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Basic Auth Page</title>
 </head>
 <body>
    Welcome back, <?= $username ?>!
 </body>
 </html>
	<?php

	// require PHP8

	$users = array(
	'admin' => password_hash('admin123', PASSWORD_BCRYPT),
	);
	$username = $_SERVER['PHP_AUTH_USER'] ?? null;
	$password = $_SERVER['PHP_AUTH_PW'] ?? null;
	$hash = $users[$username] ?? null;

	if ((!$username && !$password) \|\| !$hash \|\| !password_verify($password, $hash)) {
	header('WWW-Authenticate: Basic realm="Example Service"');
	header('HTTP/1.0 401 Unauthorized');
	print($hash ? 'Invalid credentials' : 'Unauthorized');
	exit();
	}

	// Your user has been authenticated
	?>
	<!DOCTYPE html>
	<html lang="en">
	<head>
	<meta charset="UTF-8">
	<meta http-equiv="X-UA-Compatible" content="IE=edge">
	<meta name="viewport" content="width=device-width, initial-scale=1.0">
	<title>Basic Auth Page</title>
	</head>
	<body>
	Welcome back, <?= $username ?>!
	</body>
	</html>