< ? php
namespace Friendica\Module\TwoFactor ;
use Friendica\BaseModule ;
use Friendica\Core\Authentication ;
use Friendica\Core\L10n ;
use Friendica\Core\PConfig ;
use Friendica\Core\Renderer ;
use Friendica\Core\Session ;
use PragmaRX\Google2FA\Google2FA ;
/**
 * Page 1: Authenticator code verification
 *
 * @package Friendica\Module\TwoFactor
 */
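class Verify extends BaseModule
{
    /** @var string[] Localized error messages collected by post() and rendered by content() */
    private static $errors = [];

    /**
     * Handles submission of the authenticator code form.
     *
     * Does nothing unless a local user is present and the posted action is
     * exactly 'verify'. The form security token is checked before the code is
     * evaluated. On success the accepted code is stored in the session under
     * '2fa' (content() treats a truthy '2fa' session value as "already
     * verified") and the login workflow is resumed; otherwise an error message
     * is queued for content().
     *
     * @param array $parameters Unused by this method
     */
    public static function post(array $parameters = [])
    {
        if (!local_user()) {
            return;
        }

        if (($_POST['action'] ?? '') !== 'verify') {
            return;
        }

        self::checkFormSecurityTokenRedirectOnError('2fa', 'twofactor_verify');

        $a = self::getApp();

        // Request data is untrusted: a client can submit an array instead of a string.
        $code   = $_POST['verify_code'] ?? '';
        $secret = PConfig::get(local_user(), '2fa', 'secret');

        // Fail closed: the verifier is only consulted with a non-empty string code
        // and a non-empty stored secret; anything else counts as an invalid code.
        $valid = is_string($code) && $code !== ''
            && is_string($secret) && $secret !== ''
            && (new Google2FA())->verifyKey($secret, $code);

        // The same code can't be used twice even if it's valid.
        // NOTE(review): this comparison only sees the current session, so an accepted
        // code is not rejected in a different session while it is still inside its
        // validity window. Persisting the last accepted timestamp per user and using
        // Google2FA::verifyKeyNewer() would enforce one-time use across sessions.
        // NOTE(review): no limit on failed attempts is visible in this method;
        // confirm that throttling is enforced elsewhere.
        if ($valid && Session::get('2fa') !== $code) {
            Session::set('2fa', $code);

            // Resume normal login workflow
            /** @var Authentication $authentication */
            $authentication = self::getClass(Authentication::class);
            $authentication->setForUser($a, $a->user, true, true);
        } else {
            // One generic message for every failure, so the response does not
            // reveal whether the code was wrong or merely reused.
            self::$errors[] = L10n::t('Invalid code, please retry.');
        }
    }

    /**
     * Renders the authenticator code form.
     *
     * Redirects when no local user is present or when the session already
     * carries a '2fa' value.
     *
     * @param array $parameters Unused by this method
     *
     * @return mixed Result of Renderer::replaceMacros() for the twofactor/verify.tpl template
     */
    public static function content(array $parameters = [])
    {
        // NOTE(review): presumably internalRedirect() ends the request; if it can
        // return, the form below would still be rendered. Confirm.
        if (!local_user()) {
            self::getApp()->internalRedirect();
        }

        // Already authenticated with 2FA token
        if (Session::get('2fa')) {
            self::getApp()->internalRedirect();
        }

        $template = Renderer::getMarkupTemplate('twofactor/verify.tpl');

        return Renderer::replaceMacros($template, [
            '$form_security_token' => self::getFormSecurityToken('twofactor_verify'),

            '$title'            => L10n::t('Two-factor authentication'),
            '$message'          => L10n::t('<p>Open the two-factor authentication app on your device to get an authentication code and verify your identity.</p>'),
            '$errors_label'     => L10n::tt('Error', 'Errors', count(self::$errors)),
            '$errors'           => self::$errors,
            '$recovery_message' => L10n::t('Don’t have your phone? <a href="%s">Enter a two-factor recovery code</a>', '2fa/recovery'),
            '$verify_code'      => ['verify_code', L10n::t('Please enter a code from your authentication app'), '', '', 'required', 'autofocus placeholder="000000"', 'number'],
            '$verify_label'     => L10n::t('Verify code and complete login'),
        ]);
    }
}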