mirror of
https://github.com/slawkens/myaac.git
synced 2025-07-06 11:40:15 +02:00
[WIP] 2fa
This commit is contained in:
slawkens
parent
ecc9bd4042
commit
e435062025
@ -50,7 +50,7 @@ if (ACTION == 'email-code') {
|
||||
$twig->display('error_box.html.twig', ['errors' => $errors]);
|
||||
}
|
||||
|
||||
$twig->display('account.2fa.email-code.login.html.twig');
|
||||
$twig->display('account.2fa.email.login.html.twig');
|
||||
}
|
||||
else if ($step == 'activate') {
|
||||
if (!$twoFactorAuth->hasRecentEmailCode(15 * 60)) {
|
||||
@ -116,6 +116,6 @@ if (ACTION == 'email-code') {
|
||||
$twig->display('error_box.html.twig', ['errors' => $errors]);
|
||||
}
|
||||
|
||||
$twig->display('account.2fa.email-code.deactivate.html.twig', ['wrongCode' => count($errors) > 0]);
|
||||
$twig->display('account.2fa.email.deactivate.html.twig', ['wrongCode' => count($errors) > 0]);
|
||||
}
|
||||
}
|
||||
|
||||
@ -51,6 +51,11 @@ if(!empty($login_account) && !empty($login_password))
|
||||
if (setting('core.account_mail_verify') && (int)$account_logged->getCustomField('email_verified') !== 1) {
|
||||
$errors[] = 'Your account is not verified. Please verify your email address. If the message is not coming check the SPAM folder in your E-Mail client.';
|
||||
} else {
|
||||
$twoFactorAuth = TwoFactorAuth::getInstance($account_logged);
|
||||
if (!$twoFactorAuth->process($login_account, $login_password, $_POST['email-code'] ?? '')) {
|
||||
return;
|
||||
}
|
||||
|
||||
session_regenerate_id();
|
||||
setSession('account', $account_logged->getId());
|
||||
setSession('password', encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $login_password));
|
||||
@ -58,11 +63,6 @@ if(!empty($login_account) && !empty($login_password))
|
||||
setSession('remember_me', true);
|
||||
}
|
||||
|
||||
$twoFactorAuth = TwoFactorAuth::getInstance($account_logged);
|
||||
if (!$twoFactorAuth->process($_POST['email-code'] ?? '')) {
|
||||
return;
|
||||
}
|
||||
|
||||
$logged = true;
|
||||
$logged_flags = $account_logged->getWebFlags();
|
||||
|
||||
|
||||
@ -44,7 +44,7 @@ class TwoFactorAuth
|
||||
return self::$instance;
|
||||
}
|
||||
|
||||
public function process($code): bool
|
||||
public function process($login_account, $login_password, $code): bool
|
||||
{
|
||||
global $twig;
|
||||
|
||||
@ -52,48 +52,48 @@ class TwoFactorAuth
|
||||
return true;
|
||||
}
|
||||
|
||||
if (!empty($code)) {
|
||||
if ($this->getAuthGateway()->verifyCode($code)) {
|
||||
if ($this->authType === self::TYPE_EMAIL) {
|
||||
$this->deleteOldCodes();
|
||||
}
|
||||
|
||||
header('Location: account/manage');
|
||||
return true;
|
||||
}
|
||||
else {
|
||||
if (setting('core.mail_enabled')) {
|
||||
$mailBody = $twig->render('mail.account.2fa.email-code.wrong-attempt.html.twig');
|
||||
|
||||
if (!_mail($this->account->getEMail(), configLua('serverName') . ' - Failed Two-Factor Authentication Attempt', $mailBody)) {
|
||||
error('An error occurred while sending email. For Admin: More info can be found in system/logs/mailer-error.log');
|
||||
}
|
||||
if (empty($code)) {
|
||||
if ($this->authType == self::TYPE_EMAIL) {
|
||||
if (!$this->hasRecentEmailCode(15 * 60)) {
|
||||
$this->resendEmailCode();
|
||||
//success('Resent email.');
|
||||
}
|
||||
|
||||
define('HIDE_LOGIN_BOX', true);
|
||||
|
||||
$errors[] = 'Invalid email code!';
|
||||
$twig->display('error_box.html.twig', ['errors' => $errors]);
|
||||
|
||||
$twig->display('account.2fa.email-code.login.html.twig', ['wrongCode' => true]);
|
||||
|
||||
return false;
|
||||
$twig->display('account.2fa.email.login.html.twig');
|
||||
}
|
||||
}
|
||||
|
||||
if ($this->authType == self::TYPE_EMAIL) {
|
||||
if (!$this->hasRecentEmailCode(15 * 60)) {
|
||||
$this->resendEmailCode();
|
||||
//success('Resent email.');
|
||||
else {
|
||||
echo 'Two Factor App Auth';
|
||||
}
|
||||
|
||||
define('HIDE_LOGIN_BOX', true);
|
||||
$twig->display('account.2fa.email-code.login.html.twig');
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
if ($this->getAuthGateway()->verifyCode($code)) {
|
||||
if ($this->authType === self::TYPE_EMAIL) {
|
||||
$this->deleteOldCodes();
|
||||
}
|
||||
|
||||
header('Location: account/manage');
|
||||
return true;
|
||||
}
|
||||
|
||||
if (setting('core.mail_enabled')) {
|
||||
$mailBody = $twig->render('mail.account.2fa.email-code.wrong-attempt.html.twig');
|
||||
|
||||
if (!_mail($this->account->getEMail(), configLua('serverName') . ' - Failed Two-Factor Authentication Attempt', $mailBody)) {
|
||||
error('An error occurred while sending email. For Admin: More info can be found in system/logs/mailer-error.log');
|
||||
}
|
||||
}
|
||||
|
||||
define('HIDE_LOGIN_BOX', true);
|
||||
|
||||
$errors[] = 'Invalid email code!';
|
||||
$twig->display('error_box.html.twig', ['errors' => $errors]);
|
||||
|
||||
$twig->display('account.2fa.email.login.html.twig', ['wrongCode' => true]);
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
public function setAuthGateway(int $authType): void
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user