defaultEnable()) { Http::errorPage('Plugin nie jest włączony dla tego serwera.', 403); } if ($settings->method() !== 'login_url') { Http::errorPage('Metoda logowania nie jest obsługiwana.', 500); } $ctx = DirectAdminContext::fromServer($_SERVER, $settings); $auditBase = [ 'request_id' => bin2hex(random_bytes(8)), 'source_host' => $ctx->sourceHost(), 'server_name' => $ctx->serverName(), 'target_host' => $settings->targetBaseUrl(), 'username' => $ctx->username(), 'ttl' => $settings->loginKeyTtl(), 'user_ip_bound' => $settings->userIpBound() ? 1 : 0, ]; $clientIp = ClientIp::resolve($_SERVER, $settings); $auditBase['client_ip'] = $settings->auditClientIp($clientIp); $createdAt = time(); $correlation = KeyName::build($ctx->serverName(), $ctx->username(), $createdAt); $auditBase['correlation'] = $correlation; $limiter = new RateLimiter(Settings::STATE_DIR . '/rate-limit'); $limiter->assertAllowed('user-' . $ctx->username(), $settings->rateLimitPerUserPerMinute(), 60); $limiter->assertAllowed('ip-' . str_replace([':', '.'], '-', $clientIp), $settings->rateLimitPerIpPerMinute(), 60); $redirectPath = UrlValidator::assertSafeRedirectPath($settings->redirectUrl()); $request = new LoginUrlRequest( $ctx->username(), $ctx->sourceHost(), $ctx->serverName(), $settings->loginKeyTtl(), $settings->userIpBound(), $clientIp, $redirectPath, $createdAt ); try { $url = (new RemoteLoginUrlClient())->create($settings, $request); AuditLog::append(Settings::AUDIT_LOG, $auditBase + [ 'event' => 'create_login_url', 'result' => 'success', ]); Http::redirectNoStore($url); } catch (Throwable $e) { AuditLog::append(Settings::AUDIT_LOG, $auditBase + [ 'event' => 'create_login_url', 'result' => 'failure', 'category' => get_class($e), 'message' => $e->getMessage(), ]); Http::errorPage('Nie można teraz zalogować do serwera poczty.', 502); } };