I am trying to determine the feasibility of integrating a python application into the FreePBX GUI as a module.
I could not find the FreePBX php authentication code on github. I would like to reuse the session so the user does not need to log in with separate credentials. Could anyone provide a link to the file/files? Or the filename/filenames.
Considering the session is a PHP session python isn’t going to help you much
Can you give us a hint what the application does? Maybe we can get you on the right path.
It manages a firewall.
I realize it is a PHP session. I am not familiar with the internals of FreePBX, but I assume the session is backed by the database correct? It doesn’t look like the session id is passed as a querystring token, so I should be able to inspect the cookie for the token? All I would need to do is verify the session is authenticated at that point.
I am only interested in allowing administrators to access the application, so the authentication check shouldn’t be too complicated.
I think it would be fairly straightforward to implement a PHP module that outputs HTML which loads the actual content HTML produced by python in an IFrame. Not 100% certain of how the proxy will look, but I think Apache will allow fcgi configuration (unfortunately not ProxyPass or wsgi) from htaccess files. If that doesn’t work it shouldn’t be too difficult to proxy via php.
No. That is the problem with your concept. It is also not token based. So while you can intercept the cookie for the PHP session ID you would not be able to decode it without PHP
Also, just thinking about it after your comments… I guess it may be simpler just to write the proxy in PHP and only proxy if authentication passes. Then the python application can simply proceed as normal and assume that all requests are authenticated. I can use a unix socket file for permission management so only the PHP user can access the resource.
Gotcha. That would be a problem then.
That would be the way to go.
Thank you for the help tm1000