Working two factor email authentication

This commit is contained in:
slawkens
2025-09-14 11:38:01 +02:00
parent 041f58ed11
commit fbdb6890b9
8 changed files with 54 additions and 20 deletions


@@ -21,7 +21,7 @@ csrfProtect();
* @var OTS_Account $account_logged * @var OTS_Account $account_logged
*/ */
$step = $_REQUEST['step'] ?? ''; $step = $_REQUEST['step'] ?? '';
$code = $_REQUEST['email-code'] ?? ''; $code = $_REQUEST['auth-code'] ?? '';
if ((!setting('core.mail_enabled')) && ACTION == 'email-code') { if ((!setting('core.mail_enabled')) && ACTION == 'email-code') {
$twig->display('error_box.html.twig', ['errors' => ['Account two-factor e-mail authentication disabled.']]); $twig->display('error_box.html.twig', ['errors' => ['Account two-factor e-mail authentication disabled.']]);
@@ -31,11 +31,13 @@ if ((!setting('core.mail_enabled')) && ACTION == 'email-code') {
if (!isset($account_logged) || !$account_logged->isLoaded()) { if (!isset($account_logged) || !$account_logged->isLoaded()) {
$current_session = getSession('account'); $current_session = getSession('account');
if($current_session) { if($current_session) {
$account_logged = new OTS_Account();
$account_logged->load($current_session); $account_logged->load($current_session);
} }
} }
$twoFactorAuth = TwoFactorAuth::getInstance($account_logged); $twoFactorAuth = TwoFactorAuth::getInstance($account_logged);
$twig->addGlobal('account_logged', $account_logged);
if (ACTION == 'email-code') { if (ACTION == 'email-code') {
if ($step == 'resend') { if ($step == 'resend') {
@@ -86,14 +88,14 @@ if (ACTION == 'email-code') {
$twig->display('account.2fa.email_code.html.twig', ['wrongCode' => count($errors) > 0]); $twig->display('account.2fa.email_code.html.twig', ['wrongCode' => count($errors) > 0]);
} }
else if ($step == 'deactivate') { else if ($step == 'deactivate') {
if (!$twoFactorAuth->hasRecentEmailCode(15 * 60)) { //if (!$twoFactorAuth->hasRecentEmailCode(15 * 60)) {
$twoFactorAuth->resendEmailCode(); // $twoFactorAuth->resendEmailCode();
} //}
if (isset($_POST['save'])) { /*if (isset($_POST['save'])) {
if (!empty($code)) { if (!empty($code)) {
if ($twoFactorAuth->getAuthGateway()->verifyCode($code)) { if ($twoFactorAuth->getAuthGateway()->verifyCode($code)) {
*/
$twoFactorAuth->disable(); $twoFactorAuth->disable();
$twoFactorAuth->deleteOldCodes(); $twoFactorAuth->deleteOldCodes();
@@ -103,19 +105,20 @@ if (ACTION == 'email-code') {
'description' => 'You have successfully <b>deactivated</b> the <b>Email Code Authentication</b> for your account.' 'description' => 'You have successfully <b>deactivated</b> the <b>Email Code Authentication</b> for your account.'
] ]
); );
/*
return;
} }
else { else {
$errors[] = 'Invalid email code!'; $errors[] = 'Invalid email code!';
} }
} }
} }*/
/*
if (!empty($errors)) { if (!empty($errors)) {
$twig->display('error_box.html.twig', ['errors' => $errors]); $twig->display('error_box.html.twig', ['errors' => $errors]);
} }
$twig->display('account.2fa.email.deactivate.html.twig', ['wrongCode' => count($errors) > 0]); $twig->display('account.2fa.email.deactivate.html.twig', ['wrongCode' => count($errors) > 0]);
*/
} }
} }
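Review bot: With the verification block commented out, the `deactivate` step now runs `$twoFactorAuth->disable()` and `deleteOldCodes()` unconditionally — no email code, no `save` button check — and because `$step` is read from `$_REQUEST` at the top of this file, a plain link carrying `step=deactivate` would strip the second factor from any logged-in session unless `csrfProtect()` also rejects GET requests (not visible here). A factor that can be removed without proving possession of it hands an attacker holding a hijacked session a one-request downgrade; keep a guard around the disable, e.g. `if (isset($_POST['save']) && !empty($code) && $twoFactorAuth->getAuthGateway()->verifyCode($code)) {`, or require the account password if the email round-trip is what was not working. Delete the commented-out blocks rather than leaving them: the `return;` is now inside a comment, so after the success box execution falls through into whatever follows. The enclosing `if (ACTION == 'email-code')` block ends outside this hunk.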


@@ -51,13 +51,14 @@ if(!empty($login_account) && !empty($login_password))
if (setting('core.account_mail_verify') && (int)$account_logged->getCustomField('email_verified') !== 1) { if (setting('core.account_mail_verify') && (int)$account_logged->getCustomField('email_verified') !== 1) {
$errors[] = 'Your account is not verified. Please verify your email address. If the message is not coming check the SPAM folder in your E-Mail client.'; $errors[] = 'Your account is not verified. Please verify your email address. If the message is not coming check the SPAM folder in your E-Mail client.';
} else { } else {
setSession('account', $account_logged->getId());
$twoFactorAuth = TwoFactorAuth::getInstance($account_logged); $twoFactorAuth = TwoFactorAuth::getInstance($account_logged);
if (!$twoFactorAuth->process($login_account, $login_password, $_POST['email-code'] ?? '')) { if (!$twoFactorAuth->process($login_account, $login_password, $remember_me, $_POST['auth-code'] ?? '')) {
return; return;
} }
session_regenerate_id(); session_regenerate_id();
setSession('account', $account_logged->getId());
setSession('password', encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $login_password)); setSession('password', encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $login_password));
if($remember_me) { if($remember_me) {
setSession('remember_me', true); setSession('remember_me', true);


@@ -44,7 +44,7 @@ class TwoFactorAuth
return self::$instance; return self::$instance;
} }
public function process($login_account, $login_password, $code): bool public function process($login_account, $login_password, $remember_me, $code): bool
{ {
global $twig; global $twig;
@@ -60,7 +60,11 @@ class TwoFactorAuth
} }
define('HIDE_LOGIN_BOX', true); define('HIDE_LOGIN_BOX', true);
$twig->display('account.2fa.email.login.html.twig'); $twig->display('account.2fa.email.login.html.twig', [
'account_login' => $login_account,
'password_login' => $login_password,
'remember_me' => $remember_me,
]);
} }
else { else {
echo 'Two Factor App Auth'; echo 'Two Factor App Auth';
@@ -74,7 +78,6 @@ class TwoFactorAuth
$this->deleteOldCodes(); $this->deleteOldCodes();
} }
header('Location: account/manage');
return true; return true;
} }
@@ -91,7 +94,14 @@ class TwoFactorAuth
$errors[] = 'Invalid email code!'; $errors[] = 'Invalid email code!';
$twig->display('error_box.html.twig', ['errors' => $errors]); $twig->display('error_box.html.twig', ['errors' => $errors]);
$twig->display('account.2fa.email.login.html.twig', ['wrongCode' => true]); $twig->display('account.2fa.email.login.html.twig',
[
'account_login' => $login_account,
'password_login' => $login_password,
'remember_me' => $remember_me,
'wrongCode' => true,
]);
return false; return false;
} }
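Review bot: The wrong-code branch at the end of `process()` re-renders the form with the same credentials and returns false, and nothing in this hunk counts failed attempts — unless `verifyCode()` or the gateway enforces a limit elsewhere, a short numeric code (the activation form in this commit caps it at 6 characters) can be guessed by replaying the hidden-field login for as long as the code stays valid. Consider tracking misses per account and calling `$this->deleteOldCodes()` after a small number of them so a fresh code must be issued. Separately, `$remember_me` was inserted before `$code` as an untyped positional parameter, so any caller not updated with it would silently pass its code as `$remember_me`; `public function process($login_account, $login_password, bool $remember_me, $code): bool` (or appending it with a default) would make that mistake fail loudly. The body of `process()` continues outside the hunk.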


@@ -15,8 +15,8 @@
</div> </div>
<b>Two-Factor Email Code Authentication <span style="color: green">Activated</span>!</b> <b>Two-Factor Email Code Authentication <span style="color: green">Activated</span>!</b>
<p>To deactivate <b>email code authentication</b>, click on the "Deactivate" button.</p> <p>To deactivate <b>email code authentication</b>, click on the "Deactivate" button.</p>
<p>You will have to confirm the deactivation by entering an <b>email code</b> which will be sent <!--p>You will have to confirm the deactivation by entering an <b>email code</b> which will be sent
to the email address assigned to your account.</p> to the email address assigned to your account.</p-->
</td> </td>
</tr> </tr>
</tbody> </tbody>


@@ -63,7 +63,7 @@
<div style="margin-top: 15px; margin-bottom: 15px;"> <div style="margin-top: 15px; margin-bottom: 15px;">
<div class="LabelV150 {{ wrongCode ? 'red' : '' }}" style="float:left;"><label <div class="LabelV150 {{ wrongCode ? 'red' : '' }}" style="float:left;"><label
for="email-code">Email Code:</label></div> for="email-code">Email Code:</label></div>
<input form="form-code" id="email-code" name="email-code" maxlength="15" <input form="form-code" id="auth-code" name="email-code" maxlength="15"
autocomplete="off"> autocomplete="off">
{% if wrongCode %} {% if wrongCode %}
<br/> <br/>
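Review bot: This input was renamed to `id="auth-code"` but still posts as `name="email-code"`, while the PHP side of this commit now reads the code from `$_REQUEST['auth-code']` on the manage page and `$_POST['auth-code']` on login; unless some handler still reads `email-code`, the code submitted from this form arrives empty and every attempt reports an invalid code. The other two templates in this commit renamed both attributes, and this one should match: `<input form="form-code" id="auth-code" name="auth-code" maxlength="15"`. The `<label for="email-code">` just above also no longer points at the input's id.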


@@ -42,7 +42,7 @@
recent email code</b> you have received in order to log in.<br> recent email code</b> you have received in order to log in.<br>
<div style="margin-top: 15px; margin-bottom: 15px;"> <div style="margin-top: 15px; margin-bottom: 15px;">
<div class="LabelV150 {{ wrongCode ? 'red' : '' }}" style="float:left;"><label for="email-code">Email Code:</label></div> <div class="LabelV150 {{ wrongCode ? 'red' : '' }}" style="float:left;"><label for="email-code">Email Code:</label></div>
<input form="form-code" id="email-code" name="email-code" maxlength="15" autocomplete="off"> <input form="form-code" id="auth-code" name="auth-code" maxlength="15" autocomplete="off">
{% if wrongCode %} {% if wrongCode %}
<br/> <br/>
<div class="LabelV150" style="float:left;">&nbsp; </div> <div class="LabelV150" style="float:left;">&nbsp; </div>
@@ -67,6 +67,12 @@
<form id="form-code" method="post" action="{{ getLink('account/manage') }}"> <form id="form-code" method="post" action="{{ getLink('account/manage') }}">
{{ csrf() }} {{ csrf() }}
<input type="hidden" name="account_login" value="{{ account_login ?? '' }}" />
<input type="hidden" name="password_login" value="{{ password_login ?? '' }}" />
{% if remember_me %}
<input type="hidden" name="remember_me" value="true" />
{% endif %}
<input type="hidden" name="step" value="verify"> <input type="hidden" name="step" value="verify">
{% set button_name = 'Continue' %} {% set button_name = 'Continue' %}
{% set button_color = 'green' %} {% set button_color = 'green' %}
@@ -76,6 +82,7 @@
<td> <td>
<form action="{{ getLink('account/manage') }}" method="post" style="padding:0;margin:0;"> <form action="{{ getLink('account/manage') }}" method="post" style="padding:0;margin:0;">
{{ csrf() }} {{ csrf() }}
{% set button_color = 'blue' %} {% set button_color = 'blue' %}
{{ include('buttons.back.html.twig') }} {{ include('buttons.back.html.twig') }}
</form> </form>
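Review bot: The hidden `password_login` field writes the user's plaintext password into the HTML of the 2FA page, where it sits in the browser cache and page source, is readable by any script on the page, and is re-sent on every retry. A safer pattern is to record the pending second factor server-side — store the account id in a session key that the verify step reads, e.g. `setSession('2fa_pending', $account_logged->getId())` where the code is issued — and post only `auth-code` from this form so no credential leaves the server. If the hidden fields stay for now, confirm Twig autoescaping is active for this template, since `{{ password_login ?? '' }}` is attacker-chosen input rendered inside an attribute value.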


@@ -35,6 +35,9 @@
method="post" style="padding:0;margin:0;"> method="post" style="padding:0;margin:0;">
{{ csrf() }} {{ csrf() }}
{% if account_logged is defined %}
<input type="hidden" name="account_logged" value="{{ account_logged.getId() }}">
{% endif %}
<input type="hidden" name="step" value="resend"> <input type="hidden" name="step" value="resend">
{% set button_name = 'Resend Email Code' %} {% set button_name = 'Resend Email Code' %}
@@ -62,7 +65,7 @@
the email code you received at the email address assigned to your account. the email code you received at the email address assigned to your account.
<div style="margin-top: 15px; margin-bottom: 15px;"> <div style="margin-top: 15px; margin-bottom: 15px;">
<div class="LabelV150 {{ wrongCode ? 'red' : '' }}" style="float:left;">Email Code:</div> <div class="LabelV150 {{ wrongCode ? 'red' : '' }}" style="float:left;">Email Code:</div>
<input form="confirmActivateForm" name="email-code" maxlength="6"> <input form="confirmActivateForm" name="auth-code" maxlength="6">
{% if wrongCode %} {% if wrongCode %}
<br/> <br/>
<div class="LabelV150" style="float:left;">&nbsp; </div> <div class="LabelV150" style="float:left;">&nbsp; </div>
@@ -80,6 +83,7 @@
</table> </table>
{% endset %} {% endset %}
{% include 'tables.headline.html.twig' %} {% include 'tables.headline.html.twig' %}
<br/>
<table style="width: 100%;"> <table style="width: 100%;">
<tbody> <tbody>
<tr align="center" valign="top"> <tr align="center" valign="top">
@@ -97,6 +101,7 @@
<td> <td>
<form action="{{ getLink('account/manage') }}" method="post" style="padding:0;margin:0;"> <form action="{{ getLink('account/manage') }}" method="post" style="padding:0;margin:0;">
{{ csrf() }} {{ csrf() }}
{% set button_color = 'blue' %}
{{ include('buttons.back.html.twig') }} {{ include('buttons.back.html.twig') }}
</form> </form>
</td> </td>
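Review bot: The new hidden `account_logged` input sends the account id back with the resend request, but the handler in this commit loads the account from `getSession('account')` and never reads that field, so it is dead data at best; if a future handler did read it, a logged-in user could request codes for any account id they typed in. The account acted on from this page must always come from the session, never from the form — drop the field, or mark it so nobody trusts it later: `{# display-only: the server derives the account from the session, never from this value #}`.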


@@ -943,6 +943,14 @@ img {
font-size: 8pt; font-size: 8pt;
color: red; color: red;
} }
.AttentionSign img {
float: left;
top: 3px;
left: 8px;
width: 15px;
height: 13px;
margin-right: 5px;
}
.SmallBox { .SmallBox {
position: relative; position: relative;
font-size: 1px; font-size: 1px;