Fix login and order

This commit is contained in:
Frank Harris 2026-06-17 14:53:00 -05:00
parent dbecad8606
commit 484a36ce11
22 changed files with 399 additions and 520 deletions

View file

@ -40,9 +40,9 @@ public node status
website account/order entry
-> Panel/modules/website/login.php
-> Panel/modules/website/sso.php and Panel/sso.php
-> Panel/modules/website/sso.php and Panel/sso.php compatibility redirects
-> Panel/modules/website/order.php
-> shared users table and one-time SSO token table
-> shared users table, separate website and Panel sessions
```
## Panel -> Agent XML-RPC
@ -168,14 +168,15 @@ Return shape:
- `mem_percent`
- `disk_percent`
## Website Account, SSO, And Order Entry
## Website Account And Order Entry
| Endpoint | Purpose | Auth / Verification |
|---|---|---|
| `Panel/modules/website/login.php` | create website session from shared Panel user database | username/password checked against Panel hash format |
| `Panel/modules/website/sso.php` | website SSO endpoint | website session or one-time SSO token |
| `Panel/sso.php` | Panel SSO endpoint | Panel session or one-time SSO token |
| `Panel/modules/website/order.php` | validate `service_id` and start order intent | website session for continuation |
| `Panel/modules/website/sso.php` | compatibility redirect for old SSO links | no token/session creation |
| `Panel/sso.php` | compatibility redirect for old SSO links | no token/session creation |
| `Panel/modules/website/order.php` | validate `service_id`, slots, and location before adding to cart | anonymous website session |
| `Panel/modules/website/cart.php` | review cart and require login only at checkout | anonymous website session; website login for checkout |
The old `Website/api/*` and `Website/webhook.php` checkout compatibility files are not present in this checkout. Payment processing must be reconnected and documented before public checkout is enabled.