First version, for githup; UNSTABLE, DO NOT USE!

scripts/websocket/ws-create-token.php

@@ -0,0 +1,56 @@
+<?php
+if (session_status() !== PHP_SESSION_ACTIVE) session_start();
+
+$wsPermissions = [
+    'displaycontrol' => ['access_granted_wk_leitung'],
+    'einstellungen' => ['access_granted_wk_leitung'],
+    'kampfrichter' => ['access_granted_kampfrichter']
+];
+
+$baseDir = $_SERVER['DOCUMENT_ROOT'];
+
+require_once __DIR__ . '/../redis/connect-to-redis.php';
+
+$redisSaveTime = 100;
+$redis = null;
+
+connectToRedis();
+
+function checkWSTokenPermissions($RPerm) {
+    switch ($RPerm) {
+        case 'displaycontrol':
+            return $_SESSION['access_granted_wk_leitung'] ?? false;
+        case 'einstellungen':
+            return $_SESSION['access_granted_wk_leitung'] ?? false;
+        case 'kampfrichter';
+            return $_SESSION['access_granted_kampfrichter'] ?? false;
+        default:
+            return false;
+    }
+}
+
+function generateWSToken($wsRequestedPermission) {
+    
+    global $redis;
+
+    if (!checkWSTokenPermissions($wsRequestedPermission)) return null;
+
+    $wsGrantedPermission = [];
+
+    if ($wsRequestedPermission === 'kampfrichter') {
+        if (!isset($_SESSION['selectedFreigabeKampfrichter'])) return null;
+        $wsGrantedPermission['type'] = 'kampfrichter';
+        $wsGrantedPermission['access'] = $_SESSION['selectedFreigabeKampfrichter'];
+    } else {
+        $wsGrantedPermission['type'] = $wsRequestedPermission;
+    }
+
+    $token = bin2hex(random_bytes(32));
+    $key = "ws:token:" . $token;
+
+    $success = $redis->set($key, json_encode($wsGrantedPermission), ['nx', 'ex' => 10]);
+
+    $_SESSION['WS_KEY'] = $key;
+
+    return $key;
+}