<?php
namespace Code\Module;
use App;
use Code\Render\Theme;
use Code\Web\Controller;
use OTPHP\TOTP;
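/**
 * Second-factor (TOTP) verification endpoint for the current account.
 *
 * GET renders the verification form from the 'totp.tpl' template.
 * POST checks the submitted code against the account's stored TOTP secret
 * and, on success, sets $_SESSION['2FA_VERIFIED'] so the session counts as
 * having passed the second factor.
 */
class Totp_check extends Controller
{
    /**
     * Verify the code submitted in $_POST['totp_code'].
     *
     * The result is sent as JSON via json_return_and_die() in the shape
     * ['status' => bool]; status is true only when the code was accepted.
     * json_return_and_die() is presumably terminating the request (the code
     * after the account check relies on that) -- confirm against its definition.
     *
     * NOTE(review): no failed-attempt counter or lockout is visible in this
     * handler. The '$maxfails' string passed to the template in get() suggests
     * the limit may be enforced by the client only; confirm a server-side
     * throttle exists, because a short numeric code is otherwise open to
     * repeated guessing within a logged-in session.
     */
    public function post()
    {
        $retval = ['status' => false];

        $account = App::get_account();
        if (!$account) {
            json_return_and_die($retval);
        }

        // The TOTP shared secret is read from the account record.
        $secret = $account['account_external'];

        // Only a plain string is accepted: a request sending totp_code[]=...
        // would otherwise hand an array to trim()/verify() and raise a TypeError.
        $input = (isset($_POST['totp_code']) && is_string($_POST['totp_code']))
            ? trim($_POST['totp_code'])
            : '';

        if ($secret && $input) {
            $otp = TOTP::create($secret); // create TOTP object from the secret.

            // Verify the trimmed value, so the same string is used for both checks
            // (the raw POST value would fail on surrounding whitespace).
            $code_ok = $otp->verify($input);

            // NOTE(review): a submission equal to the stored shared secret is also
            // accepted. That lets the long-lived secret act as a reusable code that
            // never expires; confirm this is intentional (e.g. a recovery path).
            // A separately stored, hashed recovery code would avoid exposing the
            // secret to this use. hash_equals() keeps the comparison constant-time
            // so response timing does not reveal how much of the secret matched.
            $secret_ok = hash_equals((string) $secret, $input);

            if ($code_ok || $secret_ok) {
                logger('otp_success');
                $_SESSION['2FA_VERIFIED'] = true;
                $retval['status'] = true;
                json_return_and_die($retval);
            }

            logger('otp_fail');
        }

        // Missing secret, empty input, or a rejected code: status stays false.
        json_return_and_die($retval);
    }

    /**
     * Render the verification form.
     *
     * @return mixed the translated 'Account not found.' message when
     *               App::get_account() yields nothing, otherwise the result of
     *               replace_macros() on the 'totp.tpl' template with the
     *               translated UI strings.
     */
    public function get()
    {
        $account = App::get_account();
        if (!$account) {
            return t('Account not found.');
        }

        return replace_macros(
            Theme::get_template('totp.tpl'),
            [
                '$header' => t('Multifactor Verification'),
                '$desc' => t('Please enter the verification key from your authenticator app'),
                '$success' => t('Success!'),
                '$fail' => t('Invalid code, please try again.'),
                '$maxfails' => t('Too many invalid codes...'),
                '$submit' => t('Verify')
            ]
        );
    }
}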