diff --git a/system/pages/account/2fa.php b/system/pages/account/2fa.php deleted file mode 100644 index e36c338c..00000000 --- a/system/pages/account/2fa.php +++ /dev/null @@ -1,124 +0,0 @@ - - * @copyright 2019 MyAAC - * @link https://my-aac.org - */ - -use MyAAC\TwoFactorAuth\TwoFactorAuth; - -defined('MYAAC') or die('Direct access not allowed!'); - -$title = 'Two Factor Authentication'; -require __DIR__ . '/base.php'; - -csrfProtect(); - -/** - * @var OTS_Account $account_logged - */ -$step = $_REQUEST['step'] ?? ''; -$code = $_REQUEST['auth-code'] ?? ''; - -if ((!setting('core.mail_enabled')) && ACTION == 'email-code') { - $twig->display('error_box.html.twig', ['errors' => ['Account two-factor e-mail authentication disabled.']]); - return; -} - -if (!isset($account_logged) || !$account_logged->isLoaded()) { - $current_session = getSession('account'); - if($current_session) { - $account_logged = new OTS_Account(); - $account_logged->load($current_session); - } -} - -$twoFactorAuth = TwoFactorAuth::getInstance($account_logged); -$twig->addGlobal('account_logged', $account_logged); - -if (ACTION == 'email-code') { - if ($step == 'resend') { - if ($twoFactorAuth->hasRecentEmailCode(15 * 60)) { - $errors = ['Sorry, one email per 15 minutes']; - } - else { - $twoFactorAuth->resendEmailCode(); - } - - if (!empty($errors)) { - $twig->display('error_box.html.twig', ['errors' => $errors]); - } - - $twig->display('account.2fa.email.login.html.twig'); - } - else if ($step == 'activate') { - if (!$twoFactorAuth->hasRecentEmailCode(15 * 60)) { - $twoFactorAuth->resendEmailCode(); - } - - if (isset($_POST['save'])) { - if (!empty($code)) { - $twoFactorAuth->setAuthGateway(TwoFactorAuth::TYPE_EMAIL); - if ($twoFactorAuth->getAuthGateway()->verifyCode($code)) { - $serverName = configLua('serverName'); - - $twoFactorAuth->enable(TwoFactorAuth::TYPE_EMAIL); - $twoFactorAuth->deleteOldCodes(); - - $twig->display('success.html.twig', [ - 'title' => 'Email Code Authentication Activated', - 'description' => sprintf('You have successfully activated email code authentication for your account. This means an email code will be sent to the email address assigned to your account whenever you try to log in to the %s client or the %s website. In order to log in, you will need to enter the most recent email code you have received.', $serverName, $serverName) - ]); - - return; - } - else { - $errors[] = 'Invalid email code!'; - } - } - } - - if (!empty($errors)) { - $twig->display('error_box.html.twig', ['errors' => $errors]); - } - - $twig->display('account.2fa.email_code.html.twig', ['wrongCode' => count($errors) > 0]); - } - else if ($step == 'deactivate') { - //if (!$twoFactorAuth->hasRecentEmailCode(15 * 60)) { - // $twoFactorAuth->resendEmailCode(); - //} - - /*if (isset($_POST['save'])) { - if (!empty($code)) { - if ($twoFactorAuth->getAuthGateway()->verifyCode($code)) { -*/ - $twoFactorAuth->disable(); - $twoFactorAuth->deleteOldCodes(); - - $twig->display('success.html.twig', - [ - 'title' => 'Email Code Authentication Deactivated', - 'description' => 'You have successfully deactivated the Email Code Authentication for your account.' - ] - ); - /* - } - else { - $errors[] = 'Invalid email code!'; - } - } - }*/ - - /* - if (!empty($errors)) { - $twig->display('error_box.html.twig', ['errors' => $errors]); - } - - $twig->display('account.2fa.email.deactivate.html.twig', ['wrongCode' => count($errors) > 0]); - */ - } -} diff --git a/system/pages/account/2fa/app/activate.php b/system/pages/account/2fa/app/activate.php new file mode 100644 index 00000000..46e0c749 --- /dev/null +++ b/system/pages/account/2fa/app/activate.php @@ -0,0 +1,4 @@ +display('error_box.html.twig', ['errors' => ['Account two-factor e-mail authentication disabled.']]); + return; +} + +if (!isset($account_logged) || !$account_logged->isLoaded()) { + $current_session = getSession('account'); + if($current_session) { + $account_logged = new OTS_Account(); + $account_logged->load($current_session); + } +} + +$twoFactorAuth = TwoFactorAuth::getInstance($account_logged); +$twig->addGlobal('account_logged', $account_logged); diff --git a/system/pages/account/2fa/email/activate.php b/system/pages/account/2fa/email/activate.php new file mode 100644 index 00000000..97cab77e --- /dev/null +++ b/system/pages/account/2fa/email/activate.php @@ -0,0 +1,39 @@ +hasRecentEmailCode(15 * 60)) { + $twoFactorAuth->resendEmailCode(); +} + +if (isset($_POST['save'])) { + if (!empty($code)) { + $twoFactorAuth->setAuthGateway(TwoFactorAuth::TYPE_EMAIL); + if ($twoFactorAuth->getAuthGateway()->verifyCode($code)) { + $serverName = configLua('serverName'); + + $twoFactorAuth->enable(TwoFactorAuth::TYPE_EMAIL); + $twoFactorAuth->deleteOldCodes(); + + $twig->display('success.html.twig', [ + 'title' => 'Email Code Authentication Activated', + 'description' => sprintf('You have successfully activated email code authentication for your account. This means an email code will be sent to the email address assigned to your account whenever you try to log in to the %s client or the %s website. In order to log in, you will need to enter the most recent email code you have received.', $serverName, $serverName) + ]); + + return; + } + else { + $errors[] = 'Invalid email code!'; + } + } +} + +if (!empty($errors)) { + $twig->display('error_box.html.twig', ['errors' => $errors]); +} + +$twig->display('account/2fa/email/request.html.twig', ['wrongCode' => count($errors) > 0]); diff --git a/system/pages/account/2fa/email/deactivate.php b/system/pages/account/2fa/email/deactivate.php new file mode 100644 index 00000000..ba78e6d1 --- /dev/null +++ b/system/pages/account/2fa/email/deactivate.php @@ -0,0 +1,37 @@ +hasRecentEmailCode(15 * 60)) { +// $twoFactorAuth->resendEmailCode(); +//} + +/*if (isset($_POST['save'])) { + if (!empty($code)) { + if ($twoFactorAuth->getAuthGateway()->verifyCode($code)) { +*/ +$twoFactorAuth->disable(); +$twoFactorAuth->deleteOldCodes(); + +$twig->display('success.html.twig', + [ + 'title' => 'Email Code Authentication Deactivated', + 'description' => 'You have successfully deactivated the Email Code Authentication for your account.' + ] +); +/* +} +else { +$errors[] = 'Invalid email code!'; +} +} +}*/ + +/* +if (!empty($errors)) { + $twig->display('error_box.html.twig', ['errors' => $errors]); +} + +$twig->display('account/2fa/email/deactivate.html.twig', ['wrongCode' => count($errors) > 0]); +*/ diff --git a/system/pages/account/2fa/email/resend-code.php b/system/pages/account/2fa/email/resend-code.php new file mode 100644 index 00000000..f44e7513 --- /dev/null +++ b/system/pages/account/2fa/email/resend-code.php @@ -0,0 +1,17 @@ +hasRecentEmailCode(1 * 60)) { + $errors = ['Sorry, one email per 15 minutes']; +} +else { + $twoFactorAuth->resendEmailCode(); +} + +if (!empty($errors)) { + $twig->display('error_box.html.twig', ['errors' => $errors]); +} + +$twig->display('account/2fa/email/login.html.twig'); diff --git a/system/src/TwoFactorAuth/TwoFactorAuth.php b/system/src/TwoFactorAuth/TwoFactorAuth.php index 68035bbc..80344758 100644 --- a/system/src/TwoFactorAuth/TwoFactorAuth.php +++ b/system/src/TwoFactorAuth/TwoFactorAuth.php @@ -60,7 +60,7 @@ class TwoFactorAuth } define('HIDE_LOGIN_BOX', true); - $twig->display('account.2fa.email.login.html.twig', [ + $twig->display('account/2fa/email/login.html.twig', [ 'account_login' => $login_account, 'password_login' => $login_password, 'remember_me' => $remember_me, @@ -94,7 +94,7 @@ class TwoFactorAuth $errors[] = 'Invalid email code!'; $twig->display('error_box.html.twig', ['errors' => $errors]); - $twig->display('account.2fa.email.login.html.twig', + $twig->display('account/2fa/email/login.html.twig', [ 'account_login' => $login_account, 'password_login' => $login_password, @@ -118,16 +118,16 @@ class TwoFactorAuth public function getAccountManageViews(): array { - $twoFactorView = 'account.2fa.protected.html.twig'; + $twoFactorView = 'account/2fa/protected.html.twig'; if ($this->authType == self::TYPE_EMAIL) { - $twoFactorView2 = 'account.2fa.email.activated.html.twig'; + $twoFactorView2 = 'account/2fa/email/activated.html.twig'; } elseif ($this->authType == self::TYPE_APP) { - $twoFactorView2 = 'account.2fa.app.activated.html.twig'; + $twoFactorView2 = 'account/2fa/app/activated.html.twig'; } else { - $twoFactorView = 'account.2fa.connect.html.twig'; - $twoFactorView2 = 'account.2fa.email.activate.html.twig'; + $twoFactorView = 'account/2fa/connect.html.twig'; + $twoFactorView2 = 'account/2fa/email/activate.html.twig'; } return [$twoFactorView, $twoFactorView2]; diff --git a/system/templates/account.management.html.twig b/system/templates/account.management.html.twig index a3f77f0b..6cc2ce7f 100644 --- a/system/templates/account.management.html.twig +++ b/system/templates/account.management.html.twig @@ -148,7 +148,7 @@
- {{ include('account.2fa.main.html.twig') }} + {{ include('account/2fa/main.html.twig') }} {{ hook('HOOK_ACCOUNT_MANAGE_BEFORE_ACCOUNT_LOGS') }} diff --git a/system/templates/account/2fa/app/activate.html.twig b/system/templates/account/2fa/app/activate.html.twig new file mode 100644 index 00000000..e69de29b diff --git a/system/templates/account.2fa.connect.html.twig b/system/templates/account/2fa/connect.html.twig similarity index 92% rename from system/templates/account.2fa.connect.html.twig rename to system/templates/account/2fa/connect.html.twig index bfe70dd8..a936de9a 100644 --- a/system/templates/account.2fa.connect.html.twig +++ b/system/templates/account/2fa/connect.html.twig @@ -9,7 +9,7 @@ Connect your {{ config.lua.serverName }} account to an authenticator app!
-
+ {{ csrf() }} {% set button_name = 'Request' %} {% include('buttons.base.html.twig') %} diff --git a/system/templates/account.2fa.email.activate.html.twig b/system/templates/account/2fa/email/activate.html.twig similarity index 92% rename from system/templates/account.2fa.email.activate.html.twig rename to system/templates/account/2fa/email/activate.html.twig index a0220aab..32c56d24 100644 --- a/system/templates/account.2fa.email.activate.html.twig +++ b/system/templates/account/2fa/email/activate.html.twig @@ -10,7 +10,7 @@ Activate email code authentication for your account!
- + {{ csrf() }} {% set button_name = 'Request' %} {% include('buttons.base.html.twig') %} diff --git a/system/templates/account.2fa.email.activated.html.twig b/system/templates/account/2fa/email/activated.html.twig similarity index 81% rename from system/templates/account.2fa.email.activated.html.twig rename to system/templates/account/2fa/email/activated.html.twig index 035a1276..95ac4387 100644 --- a/system/templates/account.2fa.email.activated.html.twig +++ b/system/templates/account/2fa/email/activated.html.twig @@ -6,9 +6,9 @@
- + {{ csrf() }} - + {% set button_name = 'Deactivate' %} {{ include('buttons.base.html.twig') }} diff --git a/system/templates/account.2fa.email.deactivate.html.twig b/system/templates/account/2fa/email/deactivate.html.twig similarity index 94% rename from system/templates/account.2fa.email.deactivate.html.twig rename to system/templates/account/2fa/email/deactivate.html.twig index 5be208ad..9a0cc808 100644 --- a/system/templates/account.2fa.email.deactivate.html.twig +++ b/system/templates/account/2fa/email/deactivate.html.twig @@ -10,7 +10,7 @@ To deactivate two-factor email code authentication for your account, enter the received email code below. Note, however, that email code authentication - is an important security feature which helps to prevent any unauthorised access to your + is an important security feature which helps to prevent any unauthorized access to your Tibia account. @@ -28,7 +28,7 @@
@@ -86,10 +86,9 @@ - + {{ csrf() }} - {% set button_name = 'Continue' %} diff --git a/system/templates/account.2fa.email.login.html.twig b/system/templates/account/2fa/email/login.html.twig similarity index 97% rename from system/templates/account.2fa.email.login.html.twig rename to system/templates/account/2fa/email/login.html.twig index 658ad588..0c786b13 100644 --- a/system/templates/account.2fa.email.login.html.twig +++ b/system/templates/account/2fa/email/login.html.twig @@ -11,7 +11,7 @@
diff --git a/system/templates/account.2fa.email_code.html.twig b/system/templates/account/2fa/email/request.html.twig similarity index 93% rename from system/templates/account.2fa.email_code.html.twig rename to system/templates/account/2fa/email/request.html.twig index 009122cb..c8d934c1 100644 --- a/system/templates/account.2fa.email_code.html.twig +++ b/system/templates/account/2fa/email/request.html.twig @@ -31,14 +31,13 @@
- {{ csrf() }} {% if account_logged is defined %} {% endif %} - {% set button_name = 'Resend Email Code' %} {% include('buttons.base.html.twig') %} @@ -88,10 +87,9 @@ - + {{ csrf() }} - {% set button_color = 'green' %} diff --git a/system/templates/account.2fa.main.html.twig b/system/templates/account/2fa/main.html.twig similarity index 100% rename from system/templates/account.2fa.main.html.twig rename to system/templates/account/2fa/main.html.twig diff --git a/system/templates/account.2fa.protected.html.twig b/system/templates/account/2fa/protected.html.twig similarity index 100% rename from system/templates/account.2fa.protected.html.twig rename to system/templates/account/2fa/protected.html.twig diff --git a/system/templates/mail.account.2fa.email-code.html.twig b/system/templates/mail.account.2fa.email-code.html.twig index 18525511..53faca6d 100644 --- a/system/templates/mail.account.2fa.email-code.html.twig +++ b/system/templates/mail.account.2fa.email-code.html.twig @@ -2,7 +2,7 @@ Dear {{ config.lua.serverName}} player,

Your account is protected by email code authentication, and you requested a new email code:

-

{{ code }}

+

{{ code }}


Note that the code is only valid for 24 hours.

diff --git a/templates/tibiacom/account.management.html.twig b/templates/tibiacom/account.management.html.twig index 4f46b5d3..3ab4c971 100644 --- a/templates/tibiacom/account.management.html.twig +++ b/templates/tibiacom/account.management.html.twig @@ -291,7 +291,7 @@ {% include 'tables.headline.html.twig' %}
-{{ include('account.2fa.main.html.twig') }} +{{ include('account/2fa/main.html.twig') }} {{ hook('HOOK_ACCOUNT_MANAGE_BEFORE_ACCOUNT_LOGS') }}