mirror of
https://git.code.sf.net/p/seeddms/code
synced 2025-11-28 10:30:42 +00:00
add test for 2-factor auth, allow to remove secret
This commit is contained in:
Uwe Steinmann
parent
630399c3c8
commit
e5e7ec3940
|
|
@ -30,11 +30,38 @@ include("../inc/inc.ClassPasswordStrength.php");
|
|||
include("../inc/inc.ClassPasswordHistoryManager.php");
|
||||
|
||||
if ($user->isGuest()) {
|
||||
UI::exitError(getMLText("2_fact_auth"),getMLText("access_denied"));
|
||||
UI::exitError(getMLText("2_factor_auth"),getMLText("access_denied"));
|
||||
}
|
||||
|
||||
$secret = $_POST["secret"];
|
||||
$action = !empty($_POST['action']) ? $_POST['action'] : '';
|
||||
switch($action) {
|
||||
case "test":
|
||||
if($user->getSecret()) {
|
||||
$tfa = new \RobThree\Auth\TwoFactorAuth(new \RobThree\Auth\Providers\Qr\BaconQrCodeProvider());
|
||||
header('Content-Type: application/json');
|
||||
if($tfa->verifyCode($user->getSecret(), $_POST['code']) !== true) {
|
||||
echo json_encode(array('success'=>false, 'message'=>getMLText("2_factor_auth_failed"), 'data'=>$_POST['code']));
|
||||
} else {
|
||||
echo json_encode(array('success'=>true, 'message'=>getMLText("2_factor_auth_succeeded")));
|
||||
}
|
||||
exit;
|
||||
}
|
||||
break;
|
||||
case "removesecret":
|
||||
if(!checkFormKey('removesecret')) {
|
||||
UI::exitError(getMLText("2_factor_auth"),getMLText("invalid_request_token"));
|
||||
}
|
||||
if(empty($_POST['confirm'])) {
|
||||
$session->setSplashMsg(array('type'=>'error', 'msg'=>getMLText('2_factor_auth_rm_secret_no_confirm')));
|
||||
} else {
|
||||
$user->setSecret('');
|
||||
}
|
||||
header("Location:../out/out.Setup2Factor.php");
|
||||
break;
|
||||
default:
|
||||
$secret = $_POST["secret"];
|
||||
|
||||
$user->setSecret($secret);
|
||||
$user->setSecret($secret);
|
||||
|
||||
header("Location:../out/out.Setup2Factor.php");
|
||||
header("Location:../out/out.Setup2Factor.php");
|
||||
}
|
||||
|
|
|
|||
|
|
@ -61,10 +61,23 @@ function checkForm()
|
|||
}
|
||||
|
||||
$(document).ready( function() {
|
||||
$('body').on('submit', '#form', function(ev){
|
||||
$('body').on('submit', '#form1', function(ev){
|
||||
if(checkForm()) return;
|
||||
ev.preventDefault();
|
||||
});
|
||||
$('body').on('submit', '#form2', function(ev){
|
||||
ev.preventDefault();
|
||||
$.post("../op/op.Setup2Factor.php", $('#form2').serialize(), function(response) {
|
||||
noty({
|
||||
text: response.message,
|
||||
type: response.success === true ? 'success' : 'error',
|
||||
dismissQueue: true,
|
||||
layout: 'topRight',
|
||||
theme: 'defaultTheme',
|
||||
timeout: 1500,
|
||||
});
|
||||
}, "json");
|
||||
});
|
||||
});
|
||||
<?php
|
||||
} /* }}} */
|
||||
|
|
@ -82,17 +95,17 @@ $(document).ready( function() {
|
|||
$this->infoMsg(getMLText('2_factor_auth_info'));
|
||||
$this->rowStart();
|
||||
$this->columnStart(6);
|
||||
$this->contentHeading(getMLText('2_fact_auth_new_secret'));
|
||||
$this->contentHeading(getMLText('2_factor_auth_new_secret'));
|
||||
|
||||
// $tfa = new \RobThree\Auth\TwoFactorAuth('SeedDMS: '.$sitename);
|
||||
$tfa = new TwoFactorAuth(new BaconQrCodeProvider());
|
||||
$oldsecret = $user->getSecret();
|
||||
$secret = $tfa->createSecret();
|
||||
?>
|
||||
<form class="form-horizontal" action="../op/op.Setup2Factor.php" method="post" id="form" name="form1">
|
||||
<form class="form-horizontal" action="../op/op.Setup2Factor.php" method="post" id="form1" name="form1">
|
||||
<?php
|
||||
$this->formField(
|
||||
getMLText('2_fact_auth_secret'),
|
||||
getMLText('2_factor_auth_secret'),
|
||||
array(
|
||||
'element'=>'input',
|
||||
'type'=>'text',
|
||||
|
|
@ -103,26 +116,48 @@ $(document).ready( function() {
|
|||
)
|
||||
);
|
||||
$this->formField(
|
||||
getMLText('2_fact_auth_qrcode'),
|
||||
getMLText('2_factor_auth_qrcode'),
|
||||
'<img src="'.$tfa->getQRCodeImageAsDataUri($user->getLogin(), $secret).'">'
|
||||
);
|
||||
$this->formSubmit(getMLText('submit_2_fact_auth'));
|
||||
$this->formSubmit(getMLText('submit_2_factor_auth'));
|
||||
?>
|
||||
</form>
|
||||
<?php
|
||||
if($oldsecret) {
|
||||
$this->columnEnd();
|
||||
$this->columnStart(6);
|
||||
$this->contentHeading(getMLText('2_fact_auth_current_secret'));
|
||||
$this->contentHeading(getMLText('2_factor_auth_current_secret'));
|
||||
$this->formField(
|
||||
getMLText('2_fact_auth_secret'),
|
||||
getMLText('2_factor_auth_secret'),
|
||||
htmlspecialchars($oldsecret)
|
||||
);
|
||||
$this->formField(
|
||||
getMLText('2_fact_auth_qrcode'),
|
||||
'<img src="'.$tfa->getQRCodeImageAsDataUri($user->getLogin(), $secret).'">'
|
||||
getMLText('2_factor_auth_qrcode'),
|
||||
'<img src="'.$tfa->getQRCodeImageAsDataUri($user->getLogin(), $oldsecret).'">'
|
||||
);
|
||||
?>
|
||||
<form class="form-horizontal" action="../op/op.Setup2Factor.php" method="post" id="form2" name="form2">
|
||||
<input type="hidden" name="action" value="test" />
|
||||
<?php
|
||||
$this->formField(
|
||||
getMLText('2_factor_auth'),
|
||||
array(
|
||||
'element'=>'input',
|
||||
'type'=>'text',
|
||||
'name'=>'code',
|
||||
'value'=>'',
|
||||
'required'=>true
|
||||
)
|
||||
);
|
||||
$this->formSubmit(getMLText('submit_2_factor_auth_test'));
|
||||
?>
|
||||
</form>
|
||||
<form style="display: inline-block; margin-top: 20px;" method="post" action="../op/op.Setup2Factor.php" >
|
||||
<?php echo createHiddenFieldWithKey('removesecret'); ?>
|
||||
<input type="hidden" name="action" value="removesecret">
|
||||
<?php $this->formSubmit('<i class="fa fa-remove"></i> '.getMLText('2_factor_rm_secret'),'','','danger');?>
|
||||
<input type="checkbox" name="confirm" value="1"> <?= getMLText('2_factor_rm_secret_confirm') ?>
|
||||
</form>
|
||||
<?php
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user