Add the posibility to secure the application

Author: dspasic

README.md

@@ -1,3 +1,12 @@
 # Pocs
 Pocs stands for PHP Opcode Cache Status and provides a simple dashboard with some (OpCache)[http://php.net/manual/en/book.opcache.php]
 status information's.
+
+## Secure Pocs
+To secure Pocs just create a `pocs.config.php` file in the same directory as the pocs.phar is stored and define the
+following constants. 
+
+```php
+define('POCS_AUTH_USER', 'USERNAME');
+define('POCS_AUTH_PW', 'PASSWORD');
+```

web/index.php

@@ -6,6 +6,27 @@
     die("Module Zend OPcache is not loaded");
 }
 
+$pocsConfigFile = str_replace(
+    'phar://',
+    '',
+    dirname(dirname(__DIR__)). '/pocs.config.php'
+);
+
+if (file_exists($pocsConfigFile)) {
+    include $pocsConfigFile;
+
+    if (defined('POCS_AUTH_USER') && defined('POCS_AUTH_PW')) {
+        $user = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : null;
+        $pass = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : null;
+
+        if (false === (isset($user, $pass) && [POCS_AUTH_USER, POCS_AUTH_PW] === [$user, $pass])) {
+            header('WWW-Authenticate: Basic realm="My Realm"');
+            header('HTTP/1.0 401 Unauthorized');
+            die("Not authorized");
+        }
+    }
+}
+
 class IndexView
 {
     private $configuration;