Digitalstack/myaac
2
0
Fork 0
mirror of https://github.com/slawkens/myaac.git synced 2025-07-06 11:40:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

[WIP] 2fa

Browse Source
This commit is contained in:
slawkens 2025-07-05 08:20:58 +02:00
parent ecc9bd4042
commit e435062025
5 changed files with 41 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
system/pages/account/2fa.php
View File

@ -50,7 +50,7 @@ if (ACTION == 'email-code') {
$twig->display('error_box.html.twig', ['errors' => $errors]); $twig->display('error_box.html.twig', ['errors' => $errors]);
} }
$twig->display('account.2fa.email-code.login.html.twig'); $twig->display('account.2fa.email.login.html.twig');
} }
else if ($step == 'activate') { else if ($step == 'activate') {
if (!$twoFactorAuth->hasRecentEmailCode(15 * 60)) { if (!$twoFactorAuth->hasRecentEmailCode(15 * 60)) {
@ -116,6 +116,6 @@ if (ACTION == 'email-code') {
$twig->display('error_box.html.twig', ['errors' => $errors]); $twig->display('error_box.html.twig', ['errors' => $errors]);
} }
$twig->display('account.2fa.email-code.deactivate.html.twig', ['wrongCode' => count($errors) > 0]); $twig->display('account.2fa.email.deactivate.html.twig', ['wrongCode' => count($errors) > 0]);
} }
} }

10
system/pages/account/login.php
View File

@ -51,6 +51,11 @@ if(!empty($login_account) && !empty($login_password))
if (setting('core.account_mail_verify') && (int)$account_logged->getCustomField('email_verified') !== 1) { if (setting('core.account_mail_verify') && (int)$account_logged->getCustomField('email_verified') !== 1) {
$errors[] = 'Your account is not verified. Please verify your email address. If the message is not coming check the SPAM folder in your E-Mail client.'; $errors[] = 'Your account is not verified. Please verify your email address. If the message is not coming check the SPAM folder in your E-Mail client.';
} else { } else {
$twoFactorAuth = TwoFactorAuth::getInstance($account_logged);
if (!$twoFactorAuth->process($login_account, $login_password, $_POST['email-code'] ?? '')) {
return;
}
session_regenerate_id(); session_regenerate_id();
setSession('account', $account_logged->getId()); setSession('account', $account_logged->getId());
setSession('password', encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $login_password)); setSession('password', encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $login_password));
@ -58,11 +63,6 @@ if(!empty($login_account) && !empty($login_password))
setSession('remember_me', true); setSession('remember_me', true);
} }
$twoFactorAuth = TwoFactorAuth::getInstance($account_logged);
if (!$twoFactorAuth->process($_POST['email-code'] ?? '')) {
return;
}
$logged = true; $logged = true;
$logged_flags = $account_logged->getWebFlags(); $logged_flags = $account_logged->getWebFlags();

40
system/src/TwoFactorAuth/TwoFactorAuth.php
View File

@ -44,7 +44,7 @@ class TwoFactorAuth
return self::$instance; return self::$instance;
} }
public function process($code): bool public function process($login_account, $login_password, $code): bool
{ {
global $twig; global $twig;
@ -52,7 +52,23 @@ class TwoFactorAuth
return true; return true;
} }
if (!empty($code)) { if (empty($code)) {
if ($this->authType == self::TYPE_EMAIL) {
if (!$this->hasRecentEmailCode(15 * 60)) {
$this->resendEmailCode();
//success('Resent email.');
}
define('HIDE_LOGIN_BOX', true);
$twig->display('account.2fa.email.login.html.twig');
}
else {
echo 'Two Factor App Auth';
}
return false;
}
if ($this->getAuthGateway()->verifyCode($code)) { if ($this->getAuthGateway()->verifyCode($code)) {
if ($this->authType === self::TYPE_EMAIL) { if ($this->authType === self::TYPE_EMAIL) {
$this->deleteOldCodes(); $this->deleteOldCodes();
@ -61,7 +77,7 @@ class TwoFactorAuth
header('Location: account/manage'); header('Location: account/manage');
return true; return true;
} }
else {
if (setting('core.mail_enabled')) { if (setting('core.mail_enabled')) {
$mailBody = $twig->render('mail.account.2fa.email-code.wrong-attempt.html.twig'); $mailBody = $twig->render('mail.account.2fa.email-code.wrong-attempt.html.twig');
@ -75,26 +91,10 @@ class TwoFactorAuth
$errors[] = 'Invalid email code!'; $errors[] = 'Invalid email code!';
$twig->display('error_box.html.twig', ['errors' => $errors]); $twig->display('error_box.html.twig', ['errors' => $errors]);
$twig->display('account.2fa.email-code.login.html.twig', ['wrongCode' => true]); $twig->display('account.2fa.email.login.html.twig', ['wrongCode' => true]);
return false; return false;
} }
}
if ($this->authType == self::TYPE_EMAIL) {
if (!$this->hasRecentEmailCode(15 * 60)) {
$this->resendEmailCode();
//success('Resent email.');
}
define('HIDE_LOGIN_BOX', true);
$twig->display('account.2fa.email-code.login.html.twig');
return false;
}
return true;
}
public function setAuthGateway(int $authType): void public function setAuthGateway(int $authType): void
{ {

0
system/templates/account.2fa.email-code.deactivate.html.twig → system/templates/account.2fa.email.deactivate.html.twig
View File

0
system/templates/account.2fa.email-code.login.html.twig → system/templates/account.2fa.email.login.html.twig
View File