gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2024-11-26 15:32:13 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

add files for 2 factor authentication

Browse Source
This commit is contained in:
Uwe Steinmann 2016-07-12 17:39:10 +02:00
parent 5e5951880f
commit 2bc217b156
3 changed files with 195 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
op/op.Setup2Factor.php Normal file
View File

@ -0,0 +1,40 @@
<?php
// MyDMS. Document Management System
// Copyright (C) 2002-2005 Markus Westphal
// Copyright (C) 2006-2008 Malcolm Cowe
// Copyright (C) 2009-2012 Uwe Steinmann
//
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
include("../inc/inc.Settings.php");
include("../inc/inc.LogInit.php");
include("../inc/inc.Language.php");
include("../inc/inc.Init.php");
include("../inc/inc.Extension.php");
include("../inc/inc.DBInit.php");
include("../inc/inc.ClassUI.php");
include("../inc/inc.Authentication.php");
include("../inc/inc.ClassPasswordStrength.php");
include("../inc/inc.ClassPasswordHistoryManager.php");
if ($user->isGuest()) {
UI::exitError(getMLText("2_fact_auth"),getMLText("access_denied"));
}
$secret = $_POST["secret"];
$user->setSecret($secret);
header("Location:../out/out.Setup2Factor.php");

36
out/out.Setup2Factor.php Normal file
View File

@ -0,0 +1,36 @@
<?php
/**
* Setup 2-factor authentication
*
* @category DMS
* @package SeedDMS
* @license GPL 2
* @version @version@
* @author Uwe Steinmann <uwe@steinmann.cx>
* @copyright Copyright (C) 2016 Uwe Steinmann
* @version Release: @package_version@
*/
include("../inc/inc.Settings.php");
include("../inc/inc.Language.php");
include("../inc/inc.Init.php");
include("../inc/inc.Extension.php");
include("../inc/inc.DBInit.php");
include("../inc/inc.ClassUI.php");
include("../inc/inc.Authentication.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if ($user->isGuest()) {
UI::exitError(getMLText("2_factor_auth"),getMLText("access_denied"));
}
if($view) {
$view->setParam('enable2factauth', $settings->_enable2FactorAuthentication);
$view->setParam('accessobject', $accessop);
$view($_GET);
exit;
}

119
views/bootstrap/class.Setup2Factor.php Normal file
View File

@ -0,0 +1,119 @@
<?php
/**
* Implementation of Setup2Factor view
*
* @category DMS
* @package SeedDMS
* @license GPL 2
* @version @version@
* @author Uwe Steinmann <uwe@steinmann.cx>
* @copyright Copyright (C) 2016 Uwe Steinmann
* @version Release: @package_version@
*/
/**
* Include parent class
*/
require_once("class.Bootstrap.php");
/**
* Include classes for 2-factor authentication
*/
require "vendor/robthree/twofactorauth/lib/Providers/Qr/IQRCodeProvider.php";
require "vendor/robthree/twofactorauth/lib/Providers/Qr/BaseHTTPQRCodeProvider.php";
require "vendor/robthree/twofactorauth/lib/Providers/Qr/GoogleQRCodeProvider.php";
require "vendor/robthree/twofactorauth/lib/Providers/Rng/IRNGProvider.php";
require "vendor/robthree/twofactorauth/lib/Providers/Rng/MCryptRNGProvider.php";
require "vendor/robthree/twofactorauth/lib/TwoFactorAuthException.php";
require "vendor/robthree/twofactorauth/lib/TwoFactorAuth.php";
/**
* Class which outputs the html page for ForcePasswordChange view
*
* @category DMS
* @package SeedDMS
* @author Markus Westphal, Malcolm Cowe, Uwe Steinmann <uwe@steinmann.cx>
* @copyright Copyright (C) 2016 Uwe Steinmann
* @version Release: @package_version@
*/
class SeedDMS_View_Setup2Factor extends SeedDMS_Bootstrap_Style {
function js() { /* {{{ */
header('Content-Type: application/javascript');
?>
function checkForm()
{
msg = new Array();
if($("#currentpwd").val() == "") msg.push("<?php printMLText("js_no_pwd");?>");
if($("#pwd").val() == "") msg.push("<?php printMLText("js_no_pwd");?>");
if($("#pwd").val() != $("#pwdconf").val()) msg.push("<?php printMLText("js_pwd_not_conf");?>");
if (msg != "") {
noty({
text: msg.join('<br />'),
type: 'error',
dismissQueue: true,
layout: 'topRight',
theme: 'defaultTheme',
_timeout: 1500,
});
return false;
}
else
return true;
}
$(document).ready( function() {
$('body').on('submit', '#form', function(ev){
if(checkForm()) return;
ev.preventDefault();
});
});
<?php
} /* }}} */
function show() { /* {{{ */
$dms = $this->params['dms'];
$user = $this->params['user'];
$this->htmlStartPage(getMLText("2_factor_auth"), "forcepasswordchange");
$this->globalNavigation();
$this->contentStart();
$this->pageNavigation(getMLText("my_account"), "my_account");
$this->contentHeading(getMLText('2_factor_auth'));
echo "<div class=\"alert\">".getMLText('2_factor_auth_info')."</div>";
echo '<div class="row-fluid">';
$this->contentContainerStart('span6');
$tfa = new \RobThree\Auth\TwoFactorAuth('SeedDMS');
$oldsecret = $user->getSecret();
$secret = $tfa->createSecret();
?>
<form class="form-horizontal" action="../op/op.Setup2Factor.php" method="post" id="form" name="form1">
<div class="control-group"><label class="control-label"><?php printMLText('2_fact_auth_secret'); ?></label><div class="controls">
<input id="secret" class="secret" type="text" name="secret" size="30" value="<?php echo $secret; ?>"><br />
</div></div>
<div class="control-group"><label class="control-label"></label><div class="controls">
<img src="<?php echo $tfa->getQRCodeImageAsDataUri('My label', $secret); ?>">
</div></div>
<div class="control-group"><label class="control-label"></label><div class="controls">
<input class="btn" type="submit" value="<?php printMLText("submit_2_fact_auth") ?>"><br />
</div></div>
</form>
<?php
if($oldsecret) {
$this->contentContainerEnd();
$this->contentContainerStart('span6');
echo '<div>'.$oldsecret.'</div>';
echo '<div><img src="'.$tfa->getQRCodeImageAsDataUri('My label', $oldsecret).'"></div>';
?>
<?php
}
$this->contentContainerEnd();
echo '</div>';
$this->contentEnd();
$this->htmlEndPage();
} /* }}} */
}
?>