From 1ed760f8e483012d8848cb67684565ab5d40dd1e Mon Sep 17 00:00:00 2001
From: Daniel Seifert
Date: Sun, 28 Jul 2019 23:34:39 +0200
Subject: [PATCH] add available backup code message in backend and in login form
---
 .../Controller/Admin/d3user_totp.php | 11 ++++++++++
 .../Model/Exceptions/d3backupcodelist.php | 15 +++++++++++++
 .../blocks/d3totp_login_admin_login_form.tpl | 2 ++
 .../views/admin/de/d3totp_lang.php | 6 +++--
 .../views/admin/en/d3totp_lang.php | 2 ++
 .../views/admin/tpl/d3user_totp.tpl | 22 ++++++++++++++-----
 .../Admin/d3_totp_LoginController.php | 20 +++++++++++++++++
 7 files changed, 70 insertions(+), 8 deletions(-)
diff --git a/src/Application/Controller/Admin/d3user_totp.php b/src/Application/Controller/Admin/d3user_totp.php
index 530a26e..83dfa85 100644
--- a/src/Application/Controller/Admin/d3user_totp.php
+++ b/src/Application/Controller/Admin/d3user_totp.php
@@ -21,6 +21,7 @@ use D3\Totp\Modules\Application\Model\d3_totp_user;
 use Exception;
 use OxidEsales\Eshop\Application\Controller\Admin\AdminDetailsController;
 use OxidEsales\Eshop\Application\Model\User;
+use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException;
 use OxidEsales\Eshop\Core\Exception\StandardException;
 use OxidEsales\Eshop\Core\Registry;
@@ -130,4 +131,14 @@ class d3user_totp extends AdminDetailsController
 {
 return implode(PHP_EOL, $this->aBackupCodes);
 }
+
+ /**
+ * @return int
+ * @throws DatabaseConnectionException
+ */
+ public function getAvailableBackupCodeCount()
+ {
+ $oBackupCodeList = oxNew(d3backupcodelist::class);
+ return $oBackupCodeList->getAvailableCodeCount($this->getUser()->getId());
+ }
 }
\ No newline at end of file
diff --git a/src/Application/Model/Exceptions/d3backupcodelist.php b/src/Application/Model/Exceptions/d3backupcodelist.php
index eaa4af4..26ef289 100644
--- a/src/Application/Model/Exceptions/d3backupcodelist.php
+++ b/src/Application/Model/Exceptions/d3backupcodelist.php
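Review bot: `getAvailableBackupCodeCount()` passes `$this->getUser()->getId()`, and if `getUser()` is the inherited controller method this is the logged-in administrator, not the account opened in this user tab, so the page could report one person's remaining codes under another person's record. The rest of the class lies outside the hunk, so this needs confirming; if the edited account is meant, use its id instead, for example `return $oBackupCodeList->getAvailableCodeCount($this->getEditObjectId());`. A one-line description above `@return int` stating whose codes are counted would make the intent explicit.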
@@ -115,4 +115,19 @@ class d3backupcodelist extends ListModel
 $oBackupCode->delete();
 }
 }
+
+ /**
+ * @param $sUserId
+ * @return int
+ * @throws DatabaseConnectionException
+ */
+ public function getAvailableCodeCount($sUserId)
+ {
+ $oDb = DatabaseProvider::getDb();
+
+ $query = "SELECT count(*) FROM ".$oDb->quoteIdentifier($this->getBaseObject()->getViewName()).
+ " WHERE ".$oDb->quoteIdentifier('oxuserid')." = ".$oDb->quote($sUserId);
+
+ return (int) $oDb->getOne($query);
+ }
 }
\ No newline at end of file
diff --git a/src/Application/views/admin/blocks/d3totp_login_admin_login_form.tpl b/src/Application/views/admin/blocks/d3totp_login_admin_login_form.tpl
index c578216..84a6490 100644
--- a/src/Application/views/admin/blocks/d3totp_login_admin_login_form.tpl
+++ b/src/Application/views/admin/blocks/d3totp_login_admin_login_form.tpl
@@ -8,6 +8,8 @@ [{include file="inc_error.tpl" Errorlist=$Errors.default}] [{/if}] + [{$oView->getBackupCodeCountMessage()}] +
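Review bot: `getAvailableCodeCount()` builds its WHERE clause by concatenating `$oDb->quote($sUserId)` into the statement; the value is escaped, so nothing is injectable as written, but a bound parameter keeps data out of the SQL text altogether and survives later edits better. The two changed lines would be `" WHERE ".$oDb->quoteIdentifier('oxuserid')." = ?";` and `return (int) $oDb->getOne($query, [$sUserId]);`. An empty or null `$sUserId` yields 0, which a caller cannot distinguish from "every code has been used"; the docblock should state that, and `@param $sUserId` should name the type (`string`).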
diff --git a/src/Application/views/admin/de/d3totp_lang.php b/src/Application/views/admin/de/d3totp_lang.php
index 3801970..186f7b9 100644
--- a/src/Application/views/admin/de/d3totp_lang.php
+++ b/src/Application/views/admin/de/d3totp_lang.php
@@ -40,8 +40,10 @@ $aLang = [
 'D3_TOTP_REGISTERDELETE' => 'Registrierung löschen',
 'D3_TOTP_REGISTERDELETE_DESC' => 'Um die Registrierung zu ändern, löschen Sie diese bitte vorerst. Sie können sofort im Anschluss eine neue Registrierung anlegen.
Wenn Sie die Registrierung löschen, ist das Konto nicht mehr durch die Zweifaktorauthentisierung geschützt.',
- 'D3_TOTP_BACKUPCODES' => 'Backup-Codes',
- 'D3_TOTP_BACKUPCODES_DESC' => 'Mit diesen Backup-Codes können Sie sich anmelden, wenn die Generierung des Einmalpasswortes nicht möglich ist (z.B. Gerät verloren oder neu installiert). Sie können dann die Einstellungen zur Verwendung der 2-Faktor-Authentisierung ändern oder einen neuen Zugang erstellen. Speichern Sie sich diese Codes bitte in diesem Moment sicher ab. Nach Verlassen dieser Seite können diese Codes nicht erneut angezeigt werden.',
+ 'D3_TOTP_BACKUPCODES' => 'Backupcodes',
+ 'D3_TOTP_BACKUPCODES_DESC' => 'Mit diesen Backupcodes können Sie sich anmelden, wenn die Generierung des Einmalpasswortes nicht möglich ist (z.B. Gerät verloren oder neu installiert). Sie können dann die Einstellungen zur Verwendung der 2-Faktor-Authentisierung ändern oder einen neuen Zugang erstellen. Speichern Sie sich diese Codes bitte in diesem Moment sicher ab. Nach Verlassen dieser Seite können diese Codes nicht erneut angezeigt werden.',
+ 'D3_TOTP_AVAILBACKUPCODECOUNT' => 'noch %1$s Backupcodes verfügbar',
+ 'D3_TOTP_AVAILBACKUPCODECOUNT_DESC' => 'Um neue Backupcodes zu erstellen, löschen Sie die bestehende Registrierung und legen diese bitte neu an.',
 'D3_TOTP_SAVE' => 'Speichern',
diff --git a/src/Application/views/admin/en/d3totp_lang.php b/src/Application/views/admin/en/d3totp_lang.php
index 18c807e..60ae1cd 100644
--- a/src/Application/views/admin/en/d3totp_lang.php
+++ b/src/Application/views/admin/en/d3totp_lang.php
@@ -42,6 +42,8 @@ $aLang = [
 'D3_TOTP_BACKUPCODES' => 'backup codes',
 'D3_TOTP_BACKUPCODES_DESC' => 'You can use these backup codes to log on if it is not possible to generate the one-time password (e.g. device lost or newly installed). You can then change the settings to use 2-factor authentication or create a new 2FA login. Please save these codes safely at this moment. After leaving this page, these codes cannot be displayed again.',
+ 'D3_TOTP_AVAILBACKUPCODECOUNT' => '%1$s backup codes still available',
+ 'D3_TOTP_AVAILBACKUPCODECOUNT_DESC' => 'To create new backup codes, delete the existing registry and create a new one.',
 'D3_TOTP_SAVE' => 'Save',
diff --git a/src/Application/views/admin/tpl/d3user_totp.tpl b/src/Application/views/admin/tpl/d3user_totp.tpl
index f0ad81a..a610382 100644
--- a/src/Application/views/admin/tpl/d3user_totp.tpl
+++ b/src/Application/views/admin/tpl/d3user_totp.tpl
@@ -124,13 +124,12 @@ [{else}] + + +

[{oxmultilang ident="D3_TOTP_BACKUPCODES"}]

+ + [{if $oView->getBackupCodes()}] - - - -

[{oxmultilang ident="D3_TOTP_BACKUPCODES"}]

- -
@@ -139,6 +138,17 @@ + [{else}] + + + [{oxmultilang ident="D3_TOTP_AVAILBACKUPCODECOUNT" args=$oView->getAvailableBackupCodeCount()}] + + + + + [{oxmultilang ident="D3_TOTP_AVAILBACKUPCODECOUNT_DESC"}] + + [{/if}] [{/if}]
diff --git a/src/Modules/Application/Controller/Admin/d3_totp_LoginController.php b/src/Modules/Application/Controller/Admin/d3_totp_LoginController.php
index 27ed85e..96a3810 100644
--- a/src/Modules/Application/Controller/Admin/d3_totp_LoginController.php
+++ b/src/Modules/Application/Controller/Admin/d3_totp_LoginController.php
@@ -16,6 +16,7 @@ namespace D3\Totp\Modules\Application\Controller\Admin;
 use D3\Totp\Application\Model\d3totp;
+use D3\Totp\Application\Model\Exceptions\d3backupcodelist;
 use D3\Totp\Application\Model\Exceptions\d3totp_wrongOtpException;
 use Doctrine\DBAL\DBALException;
 use OxidEsales\Eshop\Application\Model\User;
@@ -78,6 +79,25 @@ class d3_totp_LoginController extends d3_totp_LoginController_parent
 return $return;
 }
+ /**
+ * @return string|void
+ * @throws DatabaseConnectionException
+ */
+ public function getBackupCodeCountMessage()
+ {
+ $oBackupCodeList = oxNew(d3backupcodelist::class);
+ $iCount = $oBackupCodeList->getAvailableCodeCount(Registry::getSession()->getVariable("auth"));
+
+ if ($iCount < 4) {
+ return sprintf(
+ Registry::getLang()->translateString('D3_TOTP_AVAILBACKUPCODECOUNT'),
+ $iCount
+ );
+ };
+
+ return;
+ }
+
 /**
 * @param d3totp $totp
 * @return bool
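Review bot: In `getBackupCodeCountMessage()` the test `if ($iCount < 4)` is also true for 0, and the count is looked up for whatever `Registry::getSession()->getVariable("auth")` holds, so a request with no `auth` value in the session would be told that 0 backup codes remain; whether the login block is rendered in that state is not visible from this hunk. Read the id first and return early when it is empty, e.g. `$sUserId = Registry::getSession()->getVariable("auth");` then `if (!$sUserId) { return null; }`. The message is also printed on the login form, which suggests it is shown before the one-time password has been checked, so someone holding only the password learns how many backup codes are left; consider moving the hint to a page reached after the second factor is accepted. Smaller points: the threshold `4` deserves a named constant, the `;` after the closing brace of the `if` is an empty statement, and `@return string|void` with a bare `return;` reads better as `string|null` with `return null;`.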