diff --git a/src/Application/Controller/Admin/d3totpadminlogin.php b/src/Application/Controller/Admin/d3totpadminlogin.php
index 4bd89e7..d305013 100644
--- a/src/Application/Controller/Admin/d3totpadminlogin.php
+++ b/src/Application/Controller/Admin/d3totpadminlogin.php
@@ -60,7 +60,7 @@ class d3totpadminlogin extends AdminController
 $totp = $this->d3TotpGetTotpObject();
 $totp->loadByUserId($userId);
- return $this->d3TotpGetSession()->hasVariable(d3totp_conf::SESSION_AUTH) ||
+ return $this->d3TotpGetSession()->hasVariable(d3totp_conf::SESSION_ADMIN_AUTH) ||
 !$totp->isActive();
 }
@@ -70,7 +70,7 @@ class d3totpadminlogin extends AdminController
 protected function isTotpLoginNotPossible(): bool
 {
 return !$this->d3TotpGetSession()->hasVariable(d3totp_conf::OXID_ADMIN_AUTH) &&
- !$this->d3TotpGetSession()->hasVariable(d3totp_conf::SESSION_CURRENTUSER);
+ !$this->d3TotpGetSession()->hasVariable(d3totp_conf::SESSION_ADMIN_CURRENTUSER);
 }
 /**
@@ -159,8 +159,8 @@ class d3totpadminlogin extends AdminController
 $session->initNewSession();
 $session->setVariable("aAdminProfiles", $adminProfiles);
 $session->setVariable(d3totp_conf::OXID_ADMIN_AUTH, $userId);
- $session->setVariable(d3totp_conf::SESSION_AUTH, $userId);
- $session->deleteVariable(d3totp_conf::SESSION_CURRENTUSER);
+ $session->setVariable(d3totp_conf::SESSION_ADMIN_AUTH, $userId);
+ $session->deleteVariable(d3totp_conf::SESSION_ADMIN_CURRENTUSER);
 return "admin_start";
 } catch (d3totp_wrongOtpException $e) {
@@ -179,7 +179,7 @@ class d3totpadminlogin extends AdminController
 */
 public function d3TotpHasValidTotp(string $sTotp = null, d3totp $totp): bool
 {
- return $this->d3TotpGetSession()->getVariable(d3totp_conf::SESSION_AUTH)
+ return $this->d3TotpGetSession()->getVariable(d3totp_conf::SESSION_ADMIN_AUTH)
 || $totp->verify($sTotp);
 }
diff --git a/src/Application/Controller/Admin/d3user_totp.php b/src/Application/Controller/Admin/d3user_totp.php
index 0844e3a..82e5acf 100644
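Review bot: The new line gates on `hasVariable(d3totp_conf::SESSION_ADMIN_AUTH)`, i.e. on the key being present, while the other readers of the same flag in this diff use its value — `(bool) getVariable(...)` in d3_totp_utils and the raw `getVariable(...)` in d3TotpHasValidTotp — so a stored falsy value (the tests in this commit store `false` under this key) would count as "already authenticated" here and as "not authenticated" there, assuming hasVariable is an isset()-style check as in the OXID core Session. The production paths visible here only ever store `$userId` or delete the key, so the readers agree today, but an authentication flag should have one truthiness rule; `return (bool) $this->d3TotpGetSession()->getVariable(d3totp_conf::SESSION_ADMIN_AUTH) || !$totp->isActive();` aligns this check with the others. isTotpLoginNotPossible in the next hunk applies the same presence test to SESSION_ADMIN_CURRENTUSER. The enclosing method begins before this hunk.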
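Review bot: The signature of d3TotpHasValidTotp in the last hunk, `string $sTotp = null, d3totp $totp`, declares an implicitly nullable optional parameter ahead of a required one; PHP 8.4 deprecates the implicit-nullable form, and the default can never take effect because `$totp` must be passed anyway. `public function d3TotpHasValidTotp(?string $sTotp, d3totp $totp): bool` expresses the same contract without the deprecation. The changed return line itself is fine: a truthy session flag short-circuits `verify()`, which matches how d3totpadminlogin stores the user id under the flag after a successful code.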
--- a/src/Application/Controller/Admin/d3user_totp.php
+++ b/src/Application/Controller/Admin/d3user_totp.php
@@ -17,7 +17,6 @@ namespace D3\Totp\Application\Controller\Admin;
 use D3\Totp\Application\Model\d3totp;
 use D3\Totp\Application\Model\d3backupcodelist;
-use D3\Totp\Application\Model\d3totp_conf;
 use D3\Totp\Modules\Application\Model\d3_totp_user;
 use Exception;
 use OxidEsales\Eshop\Application\Controller\Admin\AdminDetailsController;
diff --git a/src/Application/Model/d3backupcode.php b/src/Application/Model/d3backupcode.php
index 3a2911f..35ea8fa 100644
--- a/src/Application/Model/d3backupcode.php
+++ b/src/Application/Model/d3backupcode.php
@@ -20,7 +20,6 @@ use OxidEsales\Eshop\Application\Model\User;
 use OxidEsales\Eshop\Core\DatabaseProvider;
 use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException;
 use OxidEsales\Eshop\Core\Model\BaseModel;
-use OxidEsales\Eshop\Core\Registry;
 class d3backupcode extends BaseModel
 {
diff --git a/src/Application/Model/d3totp_conf.php b/src/Application/Model/d3totp_conf.php
index c11b392..54b8efa 100644
--- a/src/Application/Model/d3totp_conf.php
+++ b/src/Application/Model/d3totp_conf.php
@@ -17,10 +17,12 @@ namespace D3\Totp\Application\Model;
 class d3totp_conf
 {
- public const OXID_ADMIN_AUTH = 'auth';
- public const OXID_FRONTEND_AUTH = 'usr';
- public const SESSION_AUTH = 'd3TotpAuth'; // has valid totp, user is logged in completly
- public const SESSION_CURRENTUSER = 'd3TotpCurrentUser'; // oxid assigned to user from entered username
- public const SESSION_CURRENTCLASS = 'd3TotpCurrentClass'; // oxid assigned to user from entered username
- public const SESSION_NAVFORMPARAMS = 'd3totpNavFormParams';
+ public const OXID_ADMIN_AUTH = 'auth';
+ public const OXID_FRONTEND_AUTH = 'usr';
+ public const SESSION_AUTH = 'd3Totp_auth'; // has valid totp, user is logged in completly
+ public const SESSION_CURRENTUSER = 'd3Totp_currentUser'; // oxid assigned to user from entered username
+ public const SESSION_CURRENTCLASS = 'd3Totp_currentClass'; // oxid assigned to user from entered username
+ public const SESSION_NAVFORMPARAMS = 'd3Totp_navFormParams';
+ public const SESSION_ADMIN_AUTH = 'd3Totp_auth'; // has valid totp, user is logged in completly
+ public const SESSION_ADMIN_CURRENTUSER = 'd3Totp_currentUser'; // oxid assigned to user from entered username
 }
\ No newline at end of file
diff --git a/src/Modules/Application/Controller/Admin/d3_totp_LoginController.php b/src/Modules/Application/Controller/Admin/d3_totp_LoginController.php
index 08c4934..d85afa4 100644
--- a/src/Modules/Application/Controller/Admin/d3_totp_LoginController.php
+++ b/src/Modules/Application/Controller/Admin/d3_totp_LoginController.php
@@ -63,7 +63,7 @@ class d3_totp_LoginController extends d3_totp_LoginController_parent
 $user = $this->d3TotpGetUserObject();
 $user->logout();
- $this->d3TotpGetSession()->setVariable(d3totp_conf::SESSION_CURRENTUSER, $userId);
+ $this->d3TotpGetSession()->setVariable(d3totp_conf::SESSION_ADMIN_CURRENTUSER, $userId);
 return "d3totpadminlogin";
 }
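Review bot: The new `SESSION_ADMIN_AUTH` and `SESSION_ADMIN_CURRENTUSER` constants carry exactly the same string values (`'d3Totp_auth'`, `'d3Totp_currentUser'`) as `SESSION_AUTH` and `SESSION_CURRENTUSER`, so the admin/frontend split this commit introduces is nominal: the `isAdmin() ? SESSION_ADMIN_AUTH : SESSION_AUTH` selection in d3_totp_getUserTrait and both branches of d3TotpGetCurrentUser in d3_totp_user read and write one shared session key. If the admin and frontend contexts can ever observe the same session, a TOTP completed in one context is honoured in the other; even if they cannot, the separation exists only in the constant names. Give the admin keys their own values (constructed examples: `'d3Totp_admin_auth'`, `'d3Totp_admin_currentUser'`) and state the context in each trailing comment — the `SESSION_CURRENTCLASS` comment is a copy of the `SESSION_CURRENTUSER` one and "completly" should read "completely". Renaming the stored key from `'d3TotpAuth'` to `'d3Totp_auth'` also means sessions that are mid-flow at deployment lose their flag (fail-closed, which is the right direction) while the stale `'d3TotpAuth'` entry is never removed; the logout path in d3_totp_user is the natural place to delete the old key once.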
@@ -77,7 +77,7 @@ class d3_totp_LoginController extends d3_totp_LoginController_parent
 public function d3TotpLoginMissing($totp)
 {
 return $totp->isActive()
- && false == $this->d3TotpGetSession()->getVariable(d3totp_conf::SESSION_AUTH);
+ && false == $this->d3TotpGetSession()->getVariable(d3totp_conf::SESSION_ADMIN_AUTH);
 }
 /**
diff --git a/src/Modules/Application/Controller/d3_totp_getUserTrait.php b/src/Modules/Application/Controller/d3_totp_getUserTrait.php
index bdcb6a6..aa32e37 100644
--- a/src/Modules/Application/Controller/d3_totp_getUserTrait.php
+++ b/src/Modules/Application/Controller/d3_totp_getUserTrait.php
@@ -41,7 +41,8 @@ trait d3_totp_getUserTrait
 $totp->loadByUserId($oUser->getId());
 if ($totp->isActive()
- && !$this->d3TotpGetSessionObject()->getVariable(d3totp_conf::SESSION_AUTH)
+ && !$this->d3TotpGetSessionObject()->getVariable(
+ isAdmin() ? d3totp_conf::SESSION_ADMIN_AUTH : d3totp_conf::SESSION_AUTH)
 ) {
 return false;
 }
diff --git a/src/Modules/Application/Model/d3_totp_user.php b/src/Modules/Application/Model/d3_totp_user.php
index 8dfa303..955681c 100644
--- a/src/Modules/Application/Model/d3_totp_user.php
+++ b/src/Modules/Application/Model/d3_totp_user.php
@@ -28,6 +28,8 @@ class d3_totp_user extends d3_totp_user_parent
 $this->d3TotpGetSession()->deleteVariable(d3totp_conf::SESSION_AUTH);
 $this->d3TotpGetSession()->deleteVariable(d3totp_conf::SESSION_CURRENTUSER);
+ $this->d3TotpGetSession()->deleteVariable(d3totp_conf::SESSION_ADMIN_AUTH);
+ $this->d3TotpGetSession()->deleteVariable(d3totp_conf::SESSION_ADMIN_CURRENTUSER);
 return $return;
 }
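Review bot: `false == $this->d3TotpGetSession()->getVariable(...)` on the changed line is a loose comparison that, because one operand is a bool, is evaluated as a boolean cast of the other side — identical to a plain negation but harder to read; `&& !$this->d3TotpGetSession()->getVariable(d3totp_conf::SESSION_ADMIN_AUTH);` says the same thing directly. `$totp` is untyped in this signature while d3TotpHasValidTotp in d3totpadminlogin declares `d3totp $totp` for the same object; adding the type here keeps the two entry points consistent. The method's docblock lies before this hunk.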
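Review bot: The key selection added to d3_totp_getUserTrait calls the global `isAdmin()` while d3TotpGetCurrentUser in d3_totp_user, changed in this same commit, uses `$this->isAdmin()` for the same decision; the two readers of the flag should use one form so they cannot disagree about the context (if the trait's host classes extend the OXID Base class, `$this->isAdmin()` is available here as well). With the constant values this commit defines, both arms of the ternary resolve to `'d3Totp_auth'`, so the guard is unchanged in effect until the admin key gets a distinct value — worth a comment so the next reader does not assume a frontend/admin distinction that is not yet there. Hoisting the choice into a local, `$authKey = isAdmin() ? d3totp_conf::SESSION_ADMIN_AUTH : d3totp_conf::SESSION_AUTH;`, also keeps the `if` condition a flat boolean expression instead of splitting a call across lines. The enclosing method starts before this hunk.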
@@ -53,10 +55,13 @@ class d3_totp_user extends d3_totp_user_parent
 */
 public function d3TotpGetCurrentUser(): ?string
 {
- return $this->d3TotpGetSession()->hasVariable(d3totp_conf::SESSION_CURRENTUSER) ?
- $this->d3TotpGetSession()->getVariable(d3totp_conf::SESSION_CURRENTUSER) :
- ($this->isAdmin() ?
- $this->d3TotpGetSession()->getVariable(d3totp_conf::OXID_ADMIN_AUTH) :
+ return $this->isAdmin() ?
+ ($this->d3TotpGetSession()->hasVariable(d3totp_conf::SESSION_ADMIN_CURRENTUSER) ?
+ $this->d3TotpGetSession()->getVariable(d3totp_conf::SESSION_ADMIN_CURRENTUSER) :
+ $this->d3TotpGetSession()->getVariable(d3totp_conf::OXID_ADMIN_AUTH))
+ :
+ ($this->d3TotpGetSession()->hasVariable(d3totp_conf::SESSION_CURRENTUSER) ?
+ $this->d3TotpGetSession()->getVariable(d3totp_conf::SESSION_CURRENTUSER) :
 $this->d3TotpGetSession()->getVariable(d3totp_conf::OXID_FRONTEND_AUTH));
 }
 }
diff --git a/src/Modules/Core/d3_totp_utils.php b/src/Modules/Core/d3_totp_utils.php
index a2b2fce..114e616 100644
--- a/src/Modules/Core/d3_totp_utils.php
+++ b/src/Modules/Core/d3_totp_utils.php
@@ -35,7 +35,7 @@ class d3_totp_utils extends d3_totp_utils_parent
 $blAuth = parent::checkAccessRights();
 $blAuth = $this->d3AuthHook($blAuth);
 $userID = $this->d3TotpGetSessionObject()->getVariable("auth");
- $totpAuth = (bool) $this->d3TotpGetSessionObject()->getVariable(d3totp_conf::SESSION_AUTH);
+ $totpAuth = (bool) $this->d3TotpGetSessionObject()->getVariable(d3totp_conf::SESSION_ADMIN_AUTH);
 /** @var d3totp $totp */
 $totp = $this->d3GetTotpObject();
 $totp->loadByUserId($userID);
diff --git a/src/tests/unit/Application/Controller/Admin/d3totpadminloginTest.php b/src/tests/unit/Application/Controller/Admin/d3totpadminloginTest.php
index 5e84e3c..1eb7e7e 100644
--- a/src/tests/unit/Application/Controller/Admin/d3totpadminloginTest.php
+++ b/src/tests/unit/Application/Controller/Admin/d3totpadminloginTest.php
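Review bot: The rewritten d3TotpGetCurrentUser is a ternary nested two deep with a bare `:` line in the middle, which makes the four outcomes hard to verify at a glance, and `$this->d3TotpGetSession()` is called six times for one decision. Choosing the key pair first and then applying a single has/get step keeps the behaviour — admin: SESSION_ADMIN_CURRENTUSER, else OXID_ADMIN_AUTH; frontend: SESSION_CURRENTUSER, else OXID_FRONTEND_AUTH — in a shape where each branch is readable. Note that with the constant values defined in this commit the two CURRENTUSER keys are the same string, so the admin and frontend branches currently differ only in their fallback key. The method's docblock lies before the hunk.

```php
public function d3TotpGetCurrentUser(): ?string
{
    $session = $this->d3TotpGetSession();
    [$currentUserKey, $authKey] = $this->isAdmin()
        ? [d3totp_conf::SESSION_ADMIN_CURRENTUSER, d3totp_conf::OXID_ADMIN_AUTH]
        : [d3totp_conf::SESSION_CURRENTUSER, d3totp_conf::OXID_FRONTEND_AUTH];

    return $session->hasVariable($currentUserKey)
        ? $session->getVariable($currentUserKey)
        : $session->getVariable($authKey);
}
```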
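Review bot: In the d3_totp_utils hunk the line directly above the change reads the admin user id with the string literal `"auth"` while the changed line uses the `d3totp_conf` constant for the TOTP flag; `$userID = $this->d3TotpGetSessionObject()->getVariable(d3totp_conf::OXID_ADMIN_AUTH);` names the same key and keeps the two lookups in step if that key is ever renamed as the TOTP keys are in this commit. The `(bool)` cast on the changed line is the truthiness rule the other readers of SESSION_ADMIN_AUTH in this diff should share. checkAccessRights continues beyond the hunk.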
@@ -117,7 +117,7 @@ class d3totpadminloginTest extends d3TotpUnitTestCase
 ])
 ->getMock();
 $hasVariableMap = [
- [d3totp_conf::SESSION_AUTH, $hasAuthAlready]
+ [d3totp_conf::SESSION_ADMIN_AUTH, $hasAuthAlready]
 ];
 $oSessionMock->method('hasVariable')->willReturnMap($hasVariableMap);
@@ -174,7 +174,7 @@ class d3totpadminloginTest extends d3TotpUnitTestCase
 ->getMock();
 $hasVariableMap = [
 [d3totp_conf::OXID_ADMIN_AUTH, $hasAdminAuth],
- [d3totp_conf::SESSION_CURRENTUSER, $hasCurrentUser],
+ [d3totp_conf::SESSION_ADMIN_CURRENTUSER, $hasCurrentUser],
 ];
 $oSessionMock->method('hasVariable')->willReturnMap($hasVariableMap);
@@ -488,7 +488,7 @@ class d3totpadminloginTest extends d3TotpUnitTestCase
 */
 public function hasValidTotpTrueSessionVarname()
 {
- Registry::getSession()->setVariable(d3totp_conf::SESSION_AUTH, true);
+ Registry::getSession()->setVariable(d3totp_conf::SESSION_ADMIN_AUTH, true);
 /** @var d3totp|MockObject $oTotpMock */
 $oTotpMock = $this->getMockBuilder(d3totp::class)
@@ -509,7 +509,7 @@ class d3totpadminloginTest extends d3TotpUnitTestCase
 */
 public function hasValidTotpTrueValidTotp()
 {
- Registry::getSession()->setVariable(d3totp_conf::SESSION_AUTH, false);
+ Registry::getSession()->setVariable(d3totp_conf::SESSION_ADMIN_AUTH, false);
 /** @var d3totp|MockObject $oTotpMock */
 $oTotpMock = $this->getMockBuilder(d3totp::class)
@@ -530,7 +530,7 @@ class d3totpadminloginTest extends d3TotpUnitTestCase
 */
 public function hasValidTotpFalseMissingTotp()
 {
- Registry::getSession()->setVariable(d3totp_conf::SESSION_AUTH, false);
+ Registry::getSession()->setVariable(d3totp_conf::SESSION_ADMIN_AUTH, false);
 /** @var d3totp|MockObject $oTotpMock */
 $oTotpMock = $this->getMockBuilder(d3totp::class)
@@ -550,7 +550,7 @@ class d3totpadminloginTest extends d3TotpUnitTestCase
 */
 public function hasValidTotpFalseUnverifiedTotp()
 {
- Registry::getSession()->setVariable(d3totp_conf::SESSION_AUTH, false);
+ Registry::getSession()->setVariable(d3totp_conf::SESSION_ADMIN_AUTH, false);
 /** @var d3totp|MockObject $oTotpMock */
 $oTotpMock = $this->getMockBuilder(d3totp::class)
diff --git a/src/tests/unit/Application/Controller/d3totploginTest.php b/src/tests/unit/Application/Controller/d3totploginTest.php
index 39d092e..02cd912 100644
--- a/src/tests/unit/Application/Controller/d3totploginTest.php
+++ b/src/tests/unit/Application/Controller/d3totploginTest.php
@@ -16,7 +16,6 @@ namespace D3\Totp\tests\unit\Application\Controller;
 use D3\TestingTools\Development\CanAccessRestricted;
 use D3\Totp\Application\Controller\d3totplogin;
 use D3\Totp\Application\Model\d3backupcodelist;
-use D3\Totp\Application\Model\d3totp;
 use D3\Totp\Application\Model\d3totp_conf;
 use D3\Totp\tests\unit\d3TotpUnitTestCase;
 use OxidEsales\Eshop\Core\Registry;
diff --git a/src/tests/unit/Application/Model/d3backupcodeTest.php b/src/tests/unit/Application/Model/d3backupcodeTest.php
index 1689691..1ecdede 100644
--- a/src/tests/unit/Application/Model/d3backupcodeTest.php
+++ b/src/tests/unit/Application/Model/d3backupcodeTest.php
@@ -15,7 +15,6 @@ namespace D3\Totp\tests\unit\Application\Model;
 use D3\TestingTools\Development\CanAccessRestricted;
 use D3\Totp\Application\Model\d3backupcode;
-use D3\Totp\Application\Model\d3totp;
 use D3\Totp\Application\Model\d3totp_conf;
 use D3\Totp\tests\unit\d3TotpUnitTestCase;
 use OxidEsales\Eshop\Application\Model\User;
diff --git a/src/tests/unit/Modules/Application/Controller/Admin/d3_totp_LoginControllerTest.php b/src/tests/unit/Modules/Application/Controller/Admin/d3_totp_LoginControllerTest.php
index c011b15..8438f4c 100644
--- a/src/tests/unit/Modules/Application/Controller/Admin/d3_totp_LoginControllerTest.php
+++ b/src/tests/unit/Modules/Application/Controller/Admin/d3_totp_LoginControllerTest.php
@@ -193,7 +193,7 @@ class d3_totp_LoginControllerTest extends d3TotpUnitTestCase
 $oSessionMock = $this->getMockBuilder(Session::class)
 ->onlyMethods(['getVariable'])
 ->getMock();
- $oSessionMock->method('getVariable')->with(d3totp_conf::SESSION_AUTH)->willReturn($loggedin);
+ $oSessionMock->method('getVariable')->with(d3totp_conf::SESSION_ADMIN_AUTH)->willReturn($loggedin);
 /** @var d3_totp_LoginController|MockObject $oControllerMock */
 $oControllerMock = $this->getMockBuilder(d3_totp_LoginController::class)
diff --git a/src/tests/unit/Modules/Application/Model/d3_totp_userTest.php b/src/tests/unit/Modules/Application/Model/d3_totp_userTest.php
index 63c2a99..c683af5 100644
--- a/src/tests/unit/Modules/Application/Model/d3_totp_userTest.php
+++ b/src/tests/unit/Modules/Application/Model/d3_totp_userTest.php
@@ -123,6 +123,7 @@ class d3_totp_userTest extends d3TotpUnitTestCase
 $oSessionMock->expects($this->once())->method('hasVariable')->willReturn((bool) $currentUser);
 $getVariableMap = [
 [d3totp_conf::SESSION_CURRENTUSER, $currentUser],
+ [d3totp_conf::SESSION_ADMIN_CURRENTUSER, $currentUser],
 [d3totp_conf::OXID_ADMIN_AUTH, $adminAuth],
 [d3totp_conf::OXID_FRONTEND_AUTH, $frontendAuth],
 ];
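Review bot: In the d3_totp_userTest hunk the `hasVariable` mock returns `(bool) $currentUser` for whichever key it is given, and the map now carries `SESSION_CURRENTUSER` and `SESSION_ADMIN_CURRENTUSER` with the same fixture, so the test cannot tell whether d3TotpGetCurrentUser consulted the admin or the frontend key and would keep passing if the admin branch read the wrong one (with the identical constant values in this commit the two map entries even collide on the same key). Constrain the expectation to the key the branch under test should use, e.g. `->method('hasVariable')->with(<IS_ADMIN_FLAG> ? d3totp_conf::SESSION_ADMIN_CURRENTUSER : d3totp_conf::SESSION_CURRENTUSER)` where `<IS_ADMIN_FLAG>` stands for the provider's boolean column, whose parameter name is not visible in this hunk; alternatively give the two CURRENTUSER entries different fixture values and assert the expected one. The rest of the test method lies outside the hunk.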
@@ -152,9 +153,10 @@ class d3_totp_userTest extends d3TotpUnitTestCase
 public function d3TotpGetCurrentUserTestDataProvider(): array
 {
 return [
- 'login request' => ['currentFixture', true, 'adminFixture', 'frontendFixture', 'currentFixture'],
- 'admin auth' => [null, true, 'adminFixture', 'frontendFixture', 'adminFixture'],
- 'frontend auth' => [null, false, 'adminFixture', 'frontendFixture', 'frontendFixture'],
+ 'adm login request' => ['currentFixture', true, 'adminFixture', 'frontendFixture', 'currentFixture'],
+ 'frnt login request' => ['currentFixture', false, 'adminFixture', 'frontendFixture', 'currentFixture'],
+ 'admin auth' => [null, true, 'adminFixture', 'frontendFixture', 'adminFixture'],
+ 'frontend auth' => [null, false, 'adminFixture', 'frontendFixture', 'frontendFixture'],
 ];
 }
 }