<?php
/*
* TwoFactorAuth
*
* Copyright (C) 2021-2022 e107 Inc. (https://www.e107.org)
* Released under the terms and conditions of the
* GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
*
*/
// Bootstrap the e107 core when it has not been loaded yet (e107_INIT undefined).
if (!defined('e107_INIT'))
{
	require_once __DIR__.'/../../class2.php';
}

// The verification page must not be usable while the twofactorauth plugin is
// not installed: redirect away and stop.
if (!e107::isInstalled('twofactorauth'))
{
	e107::redirect();
	exit;
}
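// Values read from the '2fa' session namespace: the user id that is waiting for
// its second factor, and the page recorded as the previous one.
$session_user_id = e107::getSession('2fa')->get('user_id');
$session_previous_page = e107::getSession('2fa')->get('previous_page');

// Gate: this page only makes sense for a visitor with a pending second-factor
// check. A user who is already logged in (USER) is sent to the plugin's 'setup'
// URL; a visitor without a pending user id is sent to the login page.
if (empty($session_user_id) || USER)
{
	// One redirect per request: the target is chosen first, then sent once.
	$url = USER ? e107::url('twofactorauth', 'setup') : e_BASE.'login.php';

	e107::redirect($url);
	exit; // nothing below may run for a request that did not pass the gate
}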
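// Choose the form variant: 'fpw' when the recorded previous page mentions
// fpw.php, otherwise 'login'.
// The (string) cast keeps strpos() from receiving null when the session holds no
// previous page (passing null is deprecated from PHP 8.1 on). strpos() is used
// because str_contains() needs PHP 8.
// NOTE(review): this is a substring match on the whole stored value, so
// 'fpw.php' anywhere in it selects the 'fpw' variant - confirm how
// 'previous_page' is populated and that it cannot be influenced by the visitor.
$action = (strpos((string) $session_previous_page, 'fpw.php') !== false) ? 'fpw' : 'login';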
// Plugin class used below to process the submitted code and to build the
// input form.
require_once e_PLUGIN."twofactorauth/twofactorauth_class.php";
$tfa_class = new tfa_class;

// Load LAN files of the plugin before any LAN_2FA_* constant is used.
e107::lan('twofactorauth', false, true);

// Page title and table caption share the same text.
$caption = LAN_2FA_TITLE." - ".LAN_VERIFY;
e107::title($caption);

require_once HEADERF;

// Body HTML collected for the final render call.
$text = "";
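// Process a submitted TOTP code. This runs only when one of the two submit keys
// is present, so a plain page view no longer reads a missing $_POST['totp'], and
// each submission reaches its handler exactly once.
// NOTE(review): nothing in this file limits the number of attempts; confirm that
// processLogin() / processFpw() throttle or lock out repeated wrong codes.
// NOTE(review): the branch is selected by the submitted key, not by $action;
// confirm that processFpw() itself checks that a password-reset flow is pending
// for this session.
if(isset($_POST['enter-totp-login']) || isset($_POST['enter-totp-fpw']))
{
	// The account being verified always comes from the server-side session,
	// never from the request.
	$user_id = e107::getSession('2fa')->get('user_id');

	// Keep the code as a string: converting it through an integer would drop
	// leading zeros ('012345' would become '12345'). A missing or non-string
	// field is treated as empty.
	$totp = (isset($_POST['totp']) && is_string($_POST['totp'])) ? trim($_POST['totp']) : '';

	if(preg_match('/^[0-9]+$/D', $totp) !== 1)
	{
		// Anything that is not a plain digit string cannot be a valid code; it is
		// rejected here without calling the handlers.
		// NOTE(review): if tfa_class records failed attempts, decide whether
		// malformed submissions should be counted as well.
		e107::getMessage()->addError(LAN_2FA_INCORRECT_TOTP);
	}
	elseif(isset($_POST['enter-totp-login']))
	{
		// Login takes precedence when a request carries both submit keys.
		if(!$tfa_class->processLogin($user_id, $totp))
		{
			e107::getMessage()->addError(LAN_2FA_INCORRECT_TOTP);
		}
	}
	else
	{
		if(!$tfa_class->processFpw($user_id, $totp))
		{
			e107::getMessage()->addError(LAN_2FA_INCORRECT_TOTP);
		}
		else
		{
			// Ends this script (or hands true back to an including file) without
			// rendering the form below.
			return true;
		}
	}
}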
// Queue the instructions as an info message, then append the code entry form
// for the chosen action with the fallback hint below it.
e107::getMessage()->addInfo(e107::getParser()->toHTML(LAN_2FA_VERIFY_INSTRUCTIONS, true));

$text .= $tfa_class->showTotpInputForm($action)
	.'<p class="font-italic">'.LAN_2FA_FALLBACK_INSTRUCTIONS.'</p>';

// Render the queued messages followed by the form, then the site footer.
e107::getRender()->tablerender($caption, e107::getMessage()->render().$text);

require_once FOOTERF;
exit;