Grok Nest Authentication API

These PHP files provide server-side authentication for the Grok Nest chat page.

Files to Upload to Server

Upload these files to /var/www/html/api/ on mkultra.monster (159.223.156.156):

• grok-auth.php - Validates password and creates session
• grok-check.php - Checks if user is authenticated
• grok-logout.php - Destroys session (logout)

Upload Command

scp -i ~/.ssh/pop-nova api/grok-*.php root@159.223.156.156:/var/www/html/api/

How It Works

1. Password stored server-side only - Never exposed to client
2. PHP sessions - Can’t be faked with localStorage tricks
3. Session expires after 24 hours - Auto-logout for security
4. CORS configured - Only mkultra.monster can access

Security

✅ Unhackable - Password hash only exists on server ✅ No bypass - Session validation happens server-side ✅ Auto-expire - Sessions expire after 24 hours

Change Password

Edit grok-auth.php and update the PASSWORD_HASH constant:

# Generate new hash
echo -n 'your-new-password' | sha256sum

Then update line 12 in grok-auth.php with the new hash.