Digitalstack/ZnoteAAC
2
0
Fork 0
mirror of https://github.com/Znote/ZnoteAAC.git synced 2025-10-13 18:04:54 +02:00
Code Issues Packages Projects Releases Wiki Activity

TFS 1.2+ Two-Factor Authentication system.

Browse Source 
RFC6238 Implementation of the OTP algorythm, tested with the app "Authy" from the iOS iPhone app store.
This commit is contained in:
Znote
2016-11-13 05:34:14 +01:00
parent 236eca61c8
commit c3c236e13e
8 changed files with 453 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
twofa.php Normal file
View File

@@ -0,0 +1,51 @@
<?php require_once 'engine/init.php'; if ($config['twoFactorAuthenticator'] === false) die("twoFactorAuthenticator is disabled in config.php"); protect_page(); include 'layout/overall/header.php';
// Two-Factor Authentication setup page
if ($config['TFSVersion'] !== 'TFS_10') {
?>
<h1>Server compatibility error</h1>
<p>Sorry, this server is not compatible with Two-Factor Authentication.<br>
TFS 1.2 or higher is required to run two-factor authentication, grab it
<a href="https://github.com/otland/forgottenserver/releases" target="_BLANK">here</a>.</p>
<?php
} else {
// General init
require_once("engine/function/rfc6238.php");
// Fetch the secret data from accounts and znote_accounts table
$query = mysql_select_single("SELECT `a`.`secret` AS `secret`, `za`.`secret` AS `znote_secret` FROM `accounts` AS `a` INNER JOIN `znote_accounts` AS `za` ON `a`.`id` = `za`.`account_id` WHERE `a`.`id`='".(int)$session_user_id."' LIMIT 1;");
// If secret column returns NULL on the regular accounts table, then it means the system is not active.
$status = ($query['secret'] === NULL) ? false : true;
// If secret column returns NULL on the znote_accounts table, then it means we havent generated a secret for it yet.
if ($query['znote_secret'] === NULL) {
$scrtString = ($query['secret'] === NULL) ? generateRandomString(16) : $query['secret'];
// Add secret to znote_accounts table
mysql_update("UPDATE `znote_accounts` SET `secret`= '$scrtString' WHERE `account_id`='$session_user_id';");
$query['znote_secret'] = $scrtString;
}
// HTML rendering
?>
<h1>Two-Factor Authentication</h1>
<p>Account security with Two-factor Authentication: <b><?php echo ($status) ? 'Enabled' : 'Disabled'; ?></b>.</p>
<?php if ($status === false): ?>
<p><strong>Login with a token generated from this QR code to activate:</strong></p>
<?php endif; ?>
<img
src="<?php echo TokenAuth6238::getBarCodeUrl($user_data['name'], $_SERVER["HTTP_HOST"], $query['znote_secret'], preg_replace('/\s+/', '', $config['site_title'])); ?>"
alt="Two-Factor Authentication QR code image for this account."
/>
<h2>How to use:</h2>
<ol>
<li>Download an authenticator app for free on your mobile phone like <strong>Authy</strong> (<a target="_BLANK" href="https://play.google.com/store/apps/details?id=com.authy.authy">Android</a>), (<a target="_BLANK" href="https://itunes.apple.com/us/app/authy/id494168017">iPhone</a>) or <strong>Google Authenticator</strong> (<a target="_BLANK" href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2">Android</a>), (<a target="_BLANK" href="https://itunes.apple.com/us/app/google-authenticator/id388497605">iPhone</a>).</li>
<li>Scan the QR image with the app on your phone to create a Two-Factor account for this server.</li>
<li><a href="logout.php">Logout</a>, then login with username, password and token generated from your phone to enable Two-Factor Authentication.</li>
</ol>
<?php
}
include 'layout/overall/footer.php'; ?>