[WIP] 2fa

system/pages/account/2fa.php

@@ -50,7 +50,7 @@ if (ACTION == 'email-code') {
 			$twig->display('error_box.html.twig',  ['errors' => $errors]);
 		}
 
-		$twig->display('account.2fa.email-code.login.html.twig');
+		$twig->display('account.2fa.email.login.html.twig');
 	}
 	else if ($step == 'activate') {
 		if (!$twoFactorAuth->hasRecentEmailCode(15 * 60)) {
@@ -116,6 +116,6 @@ if (ACTION == 'email-code') {
 			$twig->display('error_box.html.twig', ['errors' => $errors]);
 		}
 
-		$twig->display('account.2fa.email-code.deactivate.html.twig', ['wrongCode' => count($errors) > 0]);
+		$twig->display('account.2fa.email.deactivate.html.twig', ['wrongCode' => count($errors) > 0]);
 	}
 }

system/pages/account/login.php

@@ -51,6 +51,11 @@ if(!empty($login_account) && !empty($login_password))
 		if (setting('core.account_mail_verify') && (int)$account_logged->getCustomField('email_verified') !== 1) {
 			$errors[] = 'Your account is not verified. Please verify your email address. If the message is not coming check the SPAM folder in your E-Mail client.';
 		} else {
+			$twoFactorAuth = TwoFactorAuth::getInstance($account_logged);
+			if (!$twoFactorAuth->process($login_account, $login_password, $_POST['email-code'] ?? '')) {
+				return;
+			}
+
 			session_regenerate_id();
 			setSession('account', $account_logged->getId());
 			setSession('password', encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $login_password));
@@ -58,11 +63,6 @@ if(!empty($login_account) && !empty($login_password))
 				setSession('remember_me', true);
 			}
 
-			$twoFactorAuth = TwoFactorAuth::getInstance($account_logged);
-			if (!$twoFactorAuth->process($_POST['email-code'] ?? '')) {
-				return;
-			}
-
 			$logged = true;
 			$logged_flags = $account_logged->getWebFlags();
 

system/src/TwoFactorAuth/TwoFactorAuth.php

@@ -44,7 +44,7 @@ class TwoFactorAuth
 		return self::$instance;
 	}
 
-	public function process($code): bool
+	public function process($login_account, $login_password, $code): bool
 	{
 		global $twig;
 
@@ -52,7 +52,23 @@ class TwoFactorAuth
 			return true;
 		}
 
-		if (!empty($code)) {
+		if (empty($code)) {
+			if ($this->authType == self::TYPE_EMAIL) {
+				if (!$this->hasRecentEmailCode(15 * 60)) {
+					$this->resendEmailCode();
+					//success('Resent email.');
+				}
+
+				define('HIDE_LOGIN_BOX', true);
+				$twig->display('account.2fa.email.login.html.twig');
+			}
+			else {
+				echo 'Two Factor App Auth';
+			}
+
+			return false;
+		}
+
 		if ($this->getAuthGateway()->verifyCode($code)) {
 			if ($this->authType === self::TYPE_EMAIL) {
 				$this->deleteOldCodes();
@@ -61,7 +77,7 @@ class TwoFactorAuth
 			header('Location: account/manage');
 			return true;
 		}
-			else {
+
 		if (setting('core.mail_enabled')) {
 			$mailBody = $twig->render('mail.account.2fa.email-code.wrong-attempt.html.twig');
 
@@ -75,26 +91,10 @@ class TwoFactorAuth
 		$errors[] = 'Invalid email code!';
 		$twig->display('error_box.html.twig', ['errors' => $errors]);
 
-				$twig->display('account.2fa.email-code.login.html.twig', ['wrongCode' => true]);
+		$twig->display('account.2fa.email.login.html.twig', ['wrongCode' => true]);
 
 		return false;
 	}
-		}
-
-		if ($this->authType == self::TYPE_EMAIL) {
-			if (!$this->hasRecentEmailCode(15 * 60)) {
-				$this->resendEmailCode();
-				//success('Resent email.');
-			}
-
-			define('HIDE_LOGIN_BOX', true);
-			$twig->display('account.2fa.email-code.login.html.twig');
-
-			return false;
-		}
-
-		return true;
-	}
 
 	public function setAuthGateway(int $authType): void
 	{