PHP: fopen to check whether client has authenticated with a password protected file (htpasswd)

Question

Say I have a directory protected using htpasswd called /secret

A valid user logs into /secret.

They are redirected back to a public area.

From within that public area, is there a way within PHP to know whether the current user has authenticated with htpasswd?

Thanks for your time!

Answer 1

Inside the /secret folder, you could have the index page set a session and check that from the public area.

For example, in PHP:

/secret/index.php

<?php
session_start();
$_SESSION['htpasswdAuth'] = true;
header("Location: /public/area");
?>

Then your other scripts can do something like:

<?php
session_start();

if(isset($_SESSION['htpasswdAuth']) && $_SESSION['htpasswdAuth'] == true)
{
    echo 'hello authenticated user!';
}
?>