2019-07-28 23:00:30 +02:00
|
|
|
<?php
|
|
|
|
|
|
|
|
/**
|
2022-09-26 15:22:26 +02:00
|
|
|
* For the full copyright and license information, please view the LICENSE
|
|
|
|
* file that was distributed with this source code.
|
|
|
|
*
|
|
|
|
* https://www.d3data.de
|
2019-07-28 23:00:30 +02:00
|
|
|
*
|
|
|
|
* @copyright (C) D3 Data Development (Inh. Thomas Dartsch)
|
2022-09-26 15:22:26 +02:00
|
|
|
* @author D3 Data Development - Daniel Seifert <info@shopmodule.com>
|
|
|
|
* @link https://www.oxidmodule.com
|
2019-07-28 23:00:30 +02:00
|
|
|
*/
|
|
|
|
|
2022-09-28 00:08:36 +02:00
|
|
|
declare(strict_types=1);
|
|
|
|
|
2019-07-28 23:00:30 +02:00
|
|
|
namespace D3\Totp\Application\Model;
|
|
|
|
|
2019-07-31 22:43:34 +02:00
|
|
|
use OxidEsales\Eshop\Application\Model\User;
|
2019-07-28 23:00:30 +02:00
|
|
|
use OxidEsales\Eshop\Core\DatabaseProvider;
|
|
|
|
use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException;
|
|
|
|
use OxidEsales\Eshop\Core\Model\BaseModel;
|
2019-07-31 22:43:34 +02:00
|
|
|
use OxidEsales\Eshop\Core\Registry;
|
2019-07-28 23:00:30 +02:00
|
|
|
|
|
|
|
class d3backupcode extends BaseModel
|
|
|
|
{
|
|
|
|
protected $_sCoreTable = 'd3totp_backupcodes';
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @param $sUserId
|
|
|
|
* @return string
|
|
|
|
* @throws DatabaseConnectionException
|
|
|
|
*/
|
|
|
|
public function generateCode($sUserId)
|
|
|
|
{
|
2019-08-11 23:49:49 +02:00
|
|
|
$sCode = $this->getRandomTotpBackupCode();
|
2019-07-28 23:00:30 +02:00
|
|
|
$this->assign(
|
2019-08-02 00:23:21 +02:00
|
|
|
[
|
2019-07-28 23:00:30 +02:00
|
|
|
'oxuserid' => $sUserId,
|
2019-08-16 23:17:48 +02:00
|
|
|
'backupcode' => $this->d3EncodeBC($sCode, $sUserId),
|
2019-08-02 00:23:21 +02:00
|
|
|
]
|
2019-07-28 23:00:30 +02:00
|
|
|
);
|
|
|
|
|
|
|
|
return $sCode;
|
|
|
|
}
|
|
|
|
|
2019-08-11 23:49:49 +02:00
|
|
|
public function getRandomTotpBackupCode()
|
|
|
|
{
|
|
|
|
return d3RandomGenerator::getRandomTotpBackupCode();
|
|
|
|
}
|
|
|
|
|
2019-07-28 23:00:30 +02:00
|
|
|
/**
|
|
|
|
* @param $code
|
2022-09-28 00:08:36 +02:00
|
|
|
* @param $sUserId
|
2019-07-28 23:00:30 +02:00
|
|
|
* @return false|string
|
|
|
|
* @throws DatabaseConnectionException
|
|
|
|
*/
|
2019-08-16 23:17:48 +02:00
|
|
|
public function d3EncodeBC($code, $sUserId)
|
2019-07-28 23:00:30 +02:00
|
|
|
{
|
|
|
|
$oDb = DatabaseProvider::getDb();
|
2022-11-09 12:03:16 +01:00
|
|
|
$oUser = $this->d3TotpGetUserObject();
|
2019-08-16 23:17:48 +02:00
|
|
|
$oUser->load($sUserId);
|
|
|
|
$salt = $oUser->getFieldData('oxpasssalt');
|
2019-07-28 23:00:30 +02:00
|
|
|
$sSelect = "SELECT BINARY MD5( CONCAT( " . $oDb->quote($code) . ", UNHEX( ".$oDb->quote($salt)." ) ) )";
|
|
|
|
|
|
|
|
return $oDb->getOne($sSelect);
|
|
|
|
}
|
2019-07-31 22:43:34 +02:00
|
|
|
|
|
|
|
public function d3GetUser()
|
|
|
|
{
|
2022-10-01 14:44:36 +02:00
|
|
|
/** @var User|null $user */
|
|
|
|
$user = $this->getUser();
|
|
|
|
|
|
|
|
if ($user instanceof User) {
|
2019-07-31 22:43:34 +02:00
|
|
|
return $this->getUser();
|
|
|
|
}
|
|
|
|
|
2019-08-02 00:23:21 +02:00
|
|
|
$sUserId = Registry::getSession()->getVariable(d3totp::TOTP_SESSION_CURRENTUSER);
|
2019-07-31 22:43:34 +02:00
|
|
|
$oUser = oxNew(User::class);
|
|
|
|
$oUser->load($sUserId);
|
|
|
|
return $oUser;
|
|
|
|
}
|
2019-08-16 23:17:48 +02:00
|
|
|
|
|
|
|
/**
|
|
|
|
* @return User
|
|
|
|
*/
|
2022-11-09 12:03:16 +01:00
|
|
|
public function d3TotpGetUserObject()
|
2019-08-16 23:17:48 +02:00
|
|
|
{
|
|
|
|
return oxNew(User::class);
|
|
|
|
}
|
2022-09-30 21:06:30 +02:00
|
|
|
}
|