Oliver/loreal-global-kickoff
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
56 commits 1 branch 0 tags 190 KiB
Commit graph

2 commits

Author SHA1 Message Date
Vadym Samoilenko
aa5debc6c2 Register new users in roles file on first login 
Previously only admin_emails users were saved to user_roles.json.
Now all users are recorded with default role on first login so they
appear in the admin panel.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-02 20:51:30 +00:00
Vadym Samoilenko
53e9365c01 Add Azure AD SSO, RBAC (admin/user roles), and server-setup improvements 
- Enable SSO with Azure AD credentials (tenant + client ID + redirect_uri)
- Add JWTValidator.php: RS256 idToken validation via Azure JWKS with 1h cache
- Add auth.php: POST login handler sets auth cookie, GET logout clears it
- Add UserRoleManager.php: file-based role CRUD in data/user_roles.json
- Add admin.php: admin-only role management panel
- AuthMiddleware: add requireAdmin(), role in user array, fix MSAL redirect
- header.php: hide Activity Logs + Admin Panel tabs for non-admin users
- logs-viewer.php: protect with requireAdmin() instead of requireAuth()
- server-setup.sh: add composer check, data/ dir, PHP extension checks, SSO validation
- .gitignore: add data/ directory

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-02 20:34:50 +00:00