Fix login and order
This commit is contained in:
parent
dbecad8606
commit
484a36ce11
22 changed files with 399 additions and 520 deletions
|
|
@ -40,9 +40,9 @@ public node status
|
|||
|
||||
website account/order entry
|
||||
-> Panel/modules/website/login.php
|
||||
-> Panel/modules/website/sso.php and Panel/sso.php
|
||||
-> Panel/modules/website/sso.php and Panel/sso.php compatibility redirects
|
||||
-> Panel/modules/website/order.php
|
||||
-> shared users table and one-time SSO token table
|
||||
-> shared users table, separate website and Panel sessions
|
||||
```
|
||||
|
||||
## Panel -> Agent XML-RPC
|
||||
|
|
@ -168,14 +168,15 @@ Return shape:
|
|||
- `mem_percent`
|
||||
- `disk_percent`
|
||||
|
||||
## Website Account, SSO, And Order Entry
|
||||
## Website Account And Order Entry
|
||||
|
||||
| Endpoint | Purpose | Auth / Verification |
|
||||
|---|---|---|
|
||||
| `Panel/modules/website/login.php` | create website session from shared Panel user database | username/password checked against Panel hash format |
|
||||
| `Panel/modules/website/sso.php` | website SSO endpoint | website session or one-time SSO token |
|
||||
| `Panel/sso.php` | Panel SSO endpoint | Panel session or one-time SSO token |
|
||||
| `Panel/modules/website/order.php` | validate `service_id` and start order intent | website session for continuation |
|
||||
| `Panel/modules/website/sso.php` | compatibility redirect for old SSO links | no token/session creation |
|
||||
| `Panel/sso.php` | compatibility redirect for old SSO links | no token/session creation |
|
||||
| `Panel/modules/website/order.php` | validate `service_id`, slots, and location before adding to cart | anonymous website session |
|
||||
| `Panel/modules/website/cart.php` | review cart and require login only at checkout | anonymous website session; website login for checkout |
|
||||
|
||||
The old `Website/api/*` and `Website/webhook.php` checkout compatibility files are not present in this checkout. Payment processing must be reconnected and documented before public checkout is enabled.
|
||||
|
||||
|
|
|
|||
|
|
@ -120,21 +120,20 @@ The scheduler does not call agents directly at runtime. It stores cron lines on
|
|||
|
||||
This makes `ogp_api.php` part of the internal scheduler runtime contract.
|
||||
|
||||
## Website Account, SSO, And Order Entry
|
||||
## Website Account And Order Entry
|
||||
|
||||
| Endpoint | Auth | Purpose | Parameters | Returns |
|
||||
|---|---|---|---|---|
|
||||
| `Panel/modules/website/login.php` | Panel user credentials | create a website session against the shared Panel user table | username/password form | website session and redirect |
|
||||
| `Panel/modules/website/logout.php` | website session | destroy website session | none | redirect to website home |
|
||||
| `Panel/modules/website/sso.php?destination=panel` | website session | create a one-time token for Panel login | optional trusted return path | redirect to `Panel/sso.php` |
|
||||
| `Panel/sso.php?token=...` | one-time SSO token | create normal Panel session | token | redirect to Panel page |
|
||||
| `Panel/sso.php?destination=website` | Panel session | create a one-time token for website login | optional trusted return path | redirect to website SSO endpoint |
|
||||
| `Panel/modules/website/sso.php?token=...` | one-time SSO token | create website session | token | redirect to website page |
|
||||
| `Panel/modules/website/order.php` | website session for checkout continuation | validate catalog service and start order intent | `service_id` | order page or login redirect |
|
||||
| `Panel/modules/website/sso.php` | none | compatibility redirect for old SSO links | safe `destination` / `return` values | direct website or Panel redirect |
|
||||
| `Panel/sso.php` | none | compatibility redirect for old Panel-to-website SSO links | safe `destination` / `return` values | direct website or Panel redirect |
|
||||
| `Panel/modules/website/order.php` | anonymous website session | validate catalog service and configure order intent | `service_id`, slots/location POST | order page or cart redirect |
|
||||
| `Panel/modules/website/cart.php` | anonymous website session; website login required only for checkout | review cart and begin checkout intent | cart actions | cart page or login redirect |
|
||||
|
||||
SSO tokens are stored in `OGP_DB_PREFIXsso_tokens` as SHA-256 hashes, expire in 30-60 seconds, and are marked used after successful validation. Tokens never contain passwords, password hashes, permanent API keys, or PHP session IDs.
|
||||
SSO is deferred in the current implementation because `gameservers.world` and `panel.iaregamer.com` cannot share one PHP session cookie. Users can use the same Panel-backed credentials on both sites, but website and Panel sessions are separate.
|
||||
|
||||
The old `Website/api/create_order.php`, `Website/api/capture_order.php`, `Website/api/log_error.php`, and `Website/webhook.php` compatibility files are not present in this repository checkout. Until an active payment runtime is connected, the website order page validates service intent and sends customers to support rather than claiming checkout is complete.
|
||||
The old `Website/api/create_order.php`, `Website/api/capture_order.php`, `Website/api/log_error.php`, and `Website/webhook.php` compatibility files are not present in this repository checkout. Until an active payment runtime is connected, the website cart preserves validated order intent and displays a friendly checkout-unavailable message rather than claiming checkout is complete.
|
||||
|
||||
### Webhooks
|
||||
|
||||
|
|
@ -149,7 +148,7 @@ The old `Website/api/create_order.php`, `Website/api/capture_order.php`, `Websit
|
|||
| token auth | `Panel/ogp_api.php` |
|
||||
| host allowlist | `api_authorized.hosts`, `api_authorized.fwd_hosts`, `settings/api_hosts.php` |
|
||||
| role / ownership checks | inside `api_*` handlers in `ogp_api.php` |
|
||||
| one-time SSO token hash storage | `OGP_DB_PREFIXsso_tokens` |
|
||||
| website session cart | `$_SESSION['website_cart']` |
|
||||
|
||||
## Search Coverage Used For This Document
|
||||
|
||||
|
|
|
|||
|
|
@ -42,11 +42,11 @@ Commercial billing, provisioning, invoices, orders, transactions, coupons, and p
|
|||
|
||||
## Website Ordering Boundary
|
||||
|
||||
The active Gameservers.World website no longer links customers to `billing/order.php`. The public catalog uses `Panel/modules/website/order.php?service_id=...` as the order entry point. That page validates the enabled service server-side and sends logged-out users through website login before returning them to the intended service.
|
||||
The active Gameservers.World website no longer links customers to `billing/order.php`. The public catalog uses `Panel/modules/website/order.php?service_id=...` as the order entry point. That page validates the enabled service server-side and allows anonymous visitors to configure slots/location and add the package to the website session cart.
|
||||
|
||||
Payment approval and final provisioning remain server-side responsibilities. The browser must not call private provisioning methods directly, and prices must be read from server-side catalog data rather than query parameters.
|
||||
|
||||
In this repository checkout the historical `Panel/modules/billing` runtime is not present, although billing tables and integration references remain. The website order page therefore stops at validated order intent and support handoff until the active checkout/payment runtime is connected.
|
||||
In this repository checkout the historical `Panel/modules/billing` runtime is not present, although billing tables and integration references remain. The website cart therefore stops at validated order intent and a friendly checkout-unavailable message until the active checkout/payment runtime is connected.
|
||||
|
||||
## Admin Workflow
|
||||
|
||||
|
|
|
|||
|
|
@ -35,24 +35,15 @@ The website module centralizes these helpers in `includes/bootstrap.php`:
|
|||
|
||||
The website does not include the billing config loader directly. It reads panel or billing DB values safely, uses them only when needed, and avoids public fatal errors tied to missing config files.
|
||||
|
||||
## Shared Accounts and SSO
|
||||
## Shared Accounts
|
||||
|
||||
The website uses the Panel `users` table as the account source of truth. A customer has the same `user_id` on Gameservers.World, the GSP Panel, support, billing, and server orders.
|
||||
|
||||
Website login verifies credentials against the existing Panel password hash format. This preserves current Panel login behavior and avoids a second website password database.
|
||||
|
||||
`gameservers.world` and `panel.iaregamer.com` cannot share a normal PHP session cookie because they are unrelated parent domains. The bridge is a one-time SSO token:
|
||||
`gameservers.world` and `panel.iaregamer.com` cannot share a normal PHP session cookie because they are unrelated parent domains. SSO is deferred for this phase. The website and Panel keep separate sessions, and users may log in separately on both sites with the same credentials. Passwords, password hashes, PHP session IDs, and authentication tokens are never passed in URLs.
|
||||
|
||||
- website to Panel: `Panel/modules/website/sso.php` creates a token and redirects to `Panel/sso.php`
|
||||
- Panel to website: `Panel/sso.php` creates a token and redirects back to `Panel/modules/website/sso.php`
|
||||
- table: `OGP_DB_PREFIXsso_tokens`
|
||||
- lifetime: 30-60 seconds
|
||||
- storage: SHA-256 token hash only
|
||||
- reuse: rejected after `used_at` is set
|
||||
- URL contents: token only, never passwords, password hashes, API keys, or PHP session IDs
|
||||
- HTTPS is required in production
|
||||
|
||||
Expired tokens are cleaned opportunistically when SSO is used. The administration module also creates the table for fresh installs.
|
||||
`Panel/modules/website/sso.php` and `Panel/sso.php` are retained only as compatibility redirects for old links. Active navigation must not depend on them.
|
||||
|
||||
## Ordering
|
||||
|
||||
|
|
@ -62,11 +53,13 @@ The current public catalog route is `serverlist.php`. Customer-facing Order butt
|
|||
|
||||
The old `billing/order.php` route is obsolete in this repository layout and must not be used for active Gameservers.World links.
|
||||
|
||||
`order.php` validates the requested `service_id` server-side against enabled catalog records before allowing the customer to continue. Logged-out customers have the intended order path stored in the website session, are sent to `login.php`, and return to the same service after successful login.
|
||||
`order.php` validates the requested `service_id` server-side against enabled catalog records before allowing the customer to continue. Anonymous visitors can configure slots and location, add the server package to the session cart, and review the cart before login.
|
||||
|
||||
The website owns catalog display, order intent, login-return behavior, checkout entry, and customer confirmation. The Panel owns final provisioning, server assignment to the shared `user_id`, game-home creation, agent handoff, and provisioning state. Public browser requests must not call private provisioning methods directly.
|
||||
Login or registration is required only at checkout. The cart is stored in the website session and remains available through website login session regeneration. Panel registration is currently linked directly until a website-native registration form is restored.
|
||||
|
||||
Checkout/payment handlers are not present in this repository checkout. Until the active payment runtime is connected, `order.php` validates the selected service and sends the customer to support instead of pretending payment or provisioning is available.
|
||||
The website owns catalog display, cart storage, order intent, login-return behavior, checkout entry, and customer confirmation. The Panel owns final provisioning, server assignment to the shared `user_id`, game-home creation, agent handoff, and provisioning state. Public browser requests must not call private provisioning methods directly.
|
||||
|
||||
Checkout/payment handlers are not present in this repository checkout. Until the active payment runtime is connected, `cart.php` preserves the validated cart and shows a friendly checkout-unavailable message instead of pretending payment or provisioning is available.
|
||||
|
||||
## Navigation
|
||||
|
||||
|
|
@ -76,7 +69,7 @@ Website footer account links are state-aware:
|
|||
- logged in: `My Account`, `Order a Server`, `Control Panel`, `My Servers`, `Log Out`
|
||||
- staff-only links appear only for Panel admin users and still rely on Panel authorization server-side
|
||||
|
||||
The website Control Panel button sends logged-in users through website-to-Panel SSO. Logged-out users go through website login first. The Panel dashboard `Order Another Server` link sends logged-in Panel users through Panel-to-website SSO.
|
||||
The website main navigation also includes visible `Login`, `Create Account`, and `Cart` entries when appropriate. Control Panel, My Servers, and staff administration links point directly to the configured Panel domain. The Panel dashboard `Order Another Server` link points directly to the website catalog.
|
||||
|
||||
## Deployment
|
||||
|
||||
|
|
@ -101,6 +94,7 @@ Recommended:
|
|||
- `login.php`
|
||||
- `account.php`
|
||||
- `order.php`
|
||||
- `cart.php`
|
||||
- `sso.php`
|
||||
|
||||
## Pricing and Platform Reference
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue