mirror of
https://codeberg.org/streams/streams.git
synced 2024-09-20 00:35:30 +00:00
mfa update
This commit is contained in:
parent
34e941275a
commit
ee7af9b646
2 changed files with 87 additions and 3 deletions
82
Code/Module/Totp_check.php
Normal file
82
Code/Module/Totp_check.php
Normal file
|
@ -0,0 +1,82 @@
|
|||
<?php
|
||||
|
||||
namespace Code\Module;
|
||||
|
||||
use App;
|
||||
use Code\Lib\Apps;
|
||||
use Code\Lib\AConfig;
|
||||
use Code\Lib\System;
|
||||
use Code\Render\Theme;
|
||||
use Code\Web\Controller;
|
||||
use OTPHP\TOTP;
|
||||
|
||||
class Totp_check extends Controller {
|
||||
|
||||
function post() {
|
||||
$retval = ['status' => false];
|
||||
|
||||
if (!local_channel()) {
|
||||
json_return_and_die($retval);
|
||||
}
|
||||
|
||||
$account = App::get_account();
|
||||
if (!$account) {
|
||||
json_return_and_die($retval);
|
||||
}
|
||||
$secret = $account['account_external'];
|
||||
|
||||
if (isset($_POST['totp_code'])) {
|
||||
$otp = TOTP::create($secret); // create TOTP object from the secret.
|
||||
if ($otp->verify($_POST['totp_code'])) {
|
||||
|
||||
}
|
||||
$otp->verify($input); // Returns true if the input is verified, otherwise false.
|
||||
require_once("addon/totp/class_totp.php");
|
||||
$ref = intval($_POST['totp_code']);
|
||||
|
||||
$totp = new \TOTP(ucfirst(System::get_platform_name()),
|
||||
$account['account_email'], $secret, 30, 6);
|
||||
$match = ($totp->authcode($totp->timestamp()) == $ref);
|
||||
if ($match) $_SESSION['2FA_VERIFIED'] = true;
|
||||
json_return_and_die(array("match" => ($match ? "1" : "0")));
|
||||
}
|
||||
json_return_and_die(array("status" => false));
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
function totp_installed() {
|
||||
$id = local_channel();
|
||||
if (!$id) {
|
||||
return false;
|
||||
}
|
||||
return Apps::addon_app_installed($id, 'totp');
|
||||
}
|
||||
function get_secret($acct_id) {
|
||||
return AConfig::get($acct_id, 'totp', 'secret', null);
|
||||
}
|
||||
function get() {
|
||||
if (!$this->totp_installed()) {
|
||||
//Do not display any associated widgets at this point
|
||||
App::$pdl = '';
|
||||
$papp = Apps::get_papp('TOTP');
|
||||
return Apps::app_render($papp, 'module');
|
||||
}
|
||||
|
||||
$account = App::get_account();
|
||||
if (!$account) goaway(z_root());
|
||||
$o .= replace_macros(Theme::get_template('totp.tpl','addon/totp'),
|
||||
[
|
||||
'$header' => t('TOTP Two-Step Verification'),
|
||||
'$desc' => t('Enter the 2-step verification generated by your authenticator app:'),
|
||||
'$success' => t('Success!'),
|
||||
'$fail' => t('Invalid code, please try again.'),
|
||||
'$maxfails' => t('Too many invalid codes...'),
|
||||
'$submit' => t('Verify')
|
||||
]);
|
||||
return $o;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -15,14 +15,16 @@ var totp_success_msg = '{{$success}}';
|
|||
var totp_fail_msg = '{{$fail}}';
|
||||
var totp_maxfails_msg = '{{$maxfails}}';
|
||||
var try_countdown = 3;
|
||||
|
||||
$(window).on("load", function() {
|
||||
totp_clear();
|
||||
});
|
||||
});
|
||||
|
||||
function totp_clear() {
|
||||
var box = document.getElementById("totp-code");
|
||||
let box = document.getElementById("totp-code");
|
||||
box.value = "";
|
||||
box.focus();
|
||||
}
|
||||
}
|
||||
function totp_verify() {
|
||||
var code = document.getElementById("totp-code").value;
|
||||
$.post("totp", {totp_code: code},
|
||||
|
|
Loading…
Reference in a new issue