verify.php
<?php
/*
* TwoFactorAuth
*
* Copyright (C) 2021-2022 e107 Inc. (https://www.e107.org)
* Released under the terms and conditions of the
* GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
*
*/
// Bootstrap e107 when this script is requested directly rather than included
// by code that has already defined e107_INIT.
if (defined('e107_INIT') === false)
{
	require_once(__DIR__.'/../../class2.php');
}

// The page must not be reachable while the plugin is not installed.
if (!e107::isInstalled('twofactorauth'))
{
	e107::redirect();
	exit;
}

require_once(e_PLUGIN.'twofactorauth/twofactorauth_class.php');

$tfa_class = new tfa_class();

// Both values are read from the server-side '2fa' session namespace;
// nothing here is taken from the request.
$session_user_id       = e107::getSession('2fa')->get('user_id');
$session_previous_page = e107::getSession('2fa')->get('previous_page');
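// This page only makes sense mid-login: the '2fa' session must hold a pending
// user id and the visitor must not be authenticated yet. Anything else is
// redirected away before any form is rendered.
if(empty($session_user_id) || USER)
{
	$tfa_class->tfaDebug(__LINE__." ".__FILE__.": session_user_id: ".$session_user_id);

	if(USER)
	{
		// Already authenticated: send the user to the plugin's setup page.
		$tfa_class->tfaDebug(__LINE__." ".__FILE__.": User is already logged in? Redirect to setup");
		$url = e107::url('twofactorauth', 'setup');
		e107::redirect($url);
	}
	else
	{
		// Not authenticated, so this branch is only reached when the session
		// holds no pending user id; the debug line now says so.
		$tfa_class->tfaDebug(__LINE__." ".__FILE__.": session user id not set? Redirect to homepage");
		e107::redirect();
	}

	// Each branch has issued its redirect. A further e107::redirect($url) at
	// this point would read an undefined $url on the unauthenticated path,
	// so only the exit remains.
	exit;
}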
// Choose the flow: 'fpw' when the page stored in the session contains
// 'fpw.php', 'login' in every other case.
$action = str_contains($session_previous_page, 'fpw.php') ? 'fpw' : 'login';

// Load the plugin's language (LAN) files.
e107::lan('twofactorauth', false, true);

// Page title, reused further down as the caption of the rendered table.
$caption = LAN_2FA_TITLE." - ".LAN_VERIFY;
e107::title($caption);

require_once(HEADERF);

// Body markup is accumulated here and rendered at the end of the script.
$text = "";
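// Process a submitted TOTP code and verify it against the user's secret key.
// $_POST is a superglobal and is always set, so isset($_POST) is true on a
// plain GET as well; only enter this block when form data was actually posted.
if(!empty($_POST))
{
	// The pending user id comes from the server-side '2fa' session, not from the form.
	$user_id = e107::getSession('2fa')->get('user_id');

	// Normalise the submitted code to a string of digits.
	// - A missing or non-scalar field (e.g. totp[]=...) becomes an empty string
	//   instead of raising a notice or being coerced by intval().
	// - Digits are kept as text: intval() would drop leading zeros
	//   ("012345" -> "12345").
	//   NOTE(review): confirm processLogin()/processFpw() compare against the
	//   zero-padded code; if so, the integer round-trip rejected such codes.
	$raw_totp = $_POST['totp'] ?? '';
	$raw_totp = is_scalar($raw_totp) ? (string) $raw_totp : '';
	$totp = (string) preg_replace('/\D+/', '', $raw_totp);

	// NOTE(review): no limit on failed attempts is visible in this file;
	// confirm the two processors throttle repeated wrong codes.

	// The submit button's name selects the processor to run.
	if(isset($_POST['enter-totp-login']))
	{
		// Nothing more happens here on success; presumably processLogin()
		// redirects itself - verify, otherwise the form is rendered again.
		if(!$tfa_class->processLogin($user_id, $totp))
		{
			e107::getMessage()->addError(LAN_2FA_INCORRECT_TOTP);
		}
	}

	if(isset($_POST['enter-totp-fpw']))
	{
		$tfa_class->tfaDebug(__LINE__." ".__FILE__.": Start running processFpw");

		if(!$tfa_class->processFpw($user_id, $totp))
		{
			e107::getMessage()->addError(LAN_2FA_INCORRECT_TOTP);
		}
	}
}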
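// TEMP FOR DEV PURPOSES - keep disabled: the lines below would append the current valid TOTP for user_id 1 to this pre-authentication page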
// $secret = e107::getDB()->retrieve('twofactorauth', 'secret_key', "user_id='1'");
// $correct_totp = $tfa_library->getCode($secret);
// $text .= $correct_totp;
// Queue the verification instructions as an info message, then add the TOTP
// entry form for the selected flow to the page body.
e107::getMessage()->addInfo(e107::getParser()->toHTML(LAN_2FA_VERIFY_INSTRUCTIONS, true));
$text .= $tfa_class->showTotpInputForm($action);

// The fallback text marks its link with [ and ]; those are swapped for an
// anchor to the plugin's recovery page. Both inputs are a LAN constant and a
// generated URL, not request data.
$fallback_instructions = str_replace(
	['[', ']'],
	[sprintf("<a href='%s'>", e107::url('twofactorauth', 'recovery')), '</a>'],
	LAN_2FA_FALLBACK_INSTRUCTIONS
);
$text .= '<p class="font-italic">'.$fallback_instructions.'</p>';

// Render the queued messages followed by the page body, then the site footer.
e107::getRender()->tablerender($caption, e107::getMessage()->render().$text);

require_once(FOOTERF);
exit;