* Don't allow per get request to disable 2fa * Fix google recaptcha issue * Fix rec key check * Make input auth code required + autofocus
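<?php
/**
 * Account page: enable e-mail based two-factor authentication.
 *
 * Flow, as visible in this file:
 *  1. Abort when mail sending is disabled in the settings.
 *  2. Abort when two-factor authentication is already active.
 *  3. Send a fresh e-mail code unless one was issued recently.
 *  4. On form submission, verify the code and enable 2FA on success.
 *  5. Otherwise render the form (again), flagging a rejected code.
 *
 * $twig, $twoFactorAuth, $code and $errors are not defined in this file;
 * presumably base.php or the including framework sets them up — confirm there.
 */

use MyAAC\TwoFactorAuth\TwoFactorAuth;

defined('MYAAC') or die('Direct access not allowed!');

require __DIR__ . '/../base.php';

// E-mail codes cannot be delivered without mail support, so refuse early.
if (!setting('core.mail_enabled')) {
	$twig->display('error_box.html.twig', ['errors' => ['Account Two-Factor E-Mail Authentication disabled.']]);
	return;
}

// Enabling is only meaningful while no second factor is active.
if ($twoFactorAuth->isActive()) {
	$errors[] = 'Two-factor authentication is already enabled on your account.';
	$twig->display('error_box.html.twig', ['errors' => $errors]);

	return;
}

// Only issue a new code when none was sent within the window (15 * 60,
// presumably seconds — confirm against hasRecentEmailCode()).
// NOTE(review): this sends mail on any request that reaches this point,
// including a plain page view.
if (!$twoFactorAuth->hasRecentEmailCode(15 * 60)) {
	$twoFactorAuth->resendEmailCode();
}

// NOTE(review): this is a state-changing POST and no CSRF token check is
// visible in this file — confirm base.php or the framework enforces one.
if (isset($_POST['save'])) {
	if (empty($code)) {
		// The "required" attribute on the form field is client-side only; a
		// submission without a code must still be rejected with feedback
		// instead of silently re-rendering the form.
		$errors[] = 'Invalid email code!';
	}
	else {
		$twoFactorAuth->setAuthGateway(TwoFactorAuth::TYPE_EMAIL);

		// NOTE(review): attempt limiting is not visible here — confirm that
		// the gateway throttles repeated guesses of the e-mail code.
		if ($twoFactorAuth->getAuthGateway()->verifyCode($code)) {
			$serverName = configLua('serverName');

			$twoFactorAuth->enable(TwoFactorAuth::TYPE_EMAIL);
			// Drop previously issued codes once the factor is enabled.
			$twoFactorAuth->deleteOldCodes();

			// The description carries HTML markup on purpose. $serverName is
			// read from the server configuration; NOTE(review): confirm how
			// the template escapes this value.
			$twig->display('success.html.twig', [
				'title' => 'Email Code Authentication Activated',
				'description' => sprintf('You have successfully activated <b>email code authentication</b> for your account. This means an <b>email code</b> will be sent to the email address assigned to your account whenever you try to log in to the %s client or the %s website. In order to log in, you will need to enter the <b>most recent email code</b> you have received.', $serverName, $serverName)
			]);

			return;
		}

		$errors[] = 'Invalid email code!';
	}
}

if (!empty($errors)) {
	$twig->display('error_box.html.twig', ['errors' => $errors]);
}

// !empty() rather than count(): $errors is never initialised in this file,
// and count() on an undefined/null value throws a TypeError on PHP 8.
$twig->display('account/2fa/email/enable.html.twig', ['wrongCode' => !empty($errors)]);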