diff --git a/src/Application/Controller/Admin/d3totpadminlogin.php b/src/Application/Controller/Admin/d3totpadminlogin.php
new file mode 100755
index 0000000..ecfde7f
--- /dev/null
+++ b/src/Application/Controller/Admin/d3totpadminlogin.php
@@ -0,0 +1,179 @@
+
+ * @link https://www.oxidmodule.com
+ */
+
+declare(strict_types=1);
+
+namespace D3\Totp\Application\Controller\Admin;
+
+use D3\Totp\Application\Model\d3backupcodelist;
+use D3\Totp\Application\Model\d3totp;
+use D3\Totp\Application\Model\d3totp_conf;
+use D3\Totp\Application\Model\Exceptions\d3totp_wrongOtpException;
+use OxidEsales\Eshop\Application\Controller\Admin\AdminController;
+use OxidEsales\Eshop\Application\Model\User;
+use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException;
+use OxidEsales\Eshop\Core\Registry;
+use OxidEsales\Eshop\Core\Utils;
+
+class d3totpadminlogin extends AdminController
+{
+ protected $_sThisTemplate = 'd3totpadminlogin.tpl';
+
+ /**
+ * @return bool
+ */
+ protected function _authorize(): bool
+ {
+ return true;
+ }
+
+ /**
+ * @return string
+ */
+ public function render(): string
+ {
+ if (Registry::getSession()->hasVariable(d3totp_conf::SESSION_AUTH) ||
+ !Registry::getSession()->hasVariable(d3totp_conf::SESSION_CURRENTUSER)
+ ) {
+ $this->getUtils()->redirect('index.php?cl=admin_start');
+ if (!defined('OXID_PHP_UNIT')) {
+ // @codeCoverageIgnoreStart
+ exit;
+ // @codeCoverageIgnoreEnd
+ }
+ }
+
+ if (!Registry::getSession()->hasVariable(d3totp_conf::SESSION_CURRENTUSER)) {
+ $this->getUtils()->redirect('index.php?cl=login');
+ }
+
+ return parent::render();
+ }
+
+ /**
+ * @return d3backupcodelist
+ */
+ public function d3GetBackupCodeListObject()
+ {
+ return oxNew(d3backupcodelist::class);
+ }
+
+ /**
+ * @return string|void
+ * @throws DatabaseConnectionException
+ */
+ public function getBackupCodeCountMessage()
+ {
+ $oBackupCodeList = $this->d3GetBackupCodeListObject();
+ $iCount = $oBackupCodeList->getAvailableCodeCount(Registry::getSession()->getVariable(d3totp_conf::SESSION_CURRENTUSER));
+
+ if ($iCount < 4) {
+ return sprintf(
+ Registry::getLang()->translateString('D3_TOTP_AVAILBACKUPCODECOUNT'),
+ $iCount
+ );
+ }
+ }
+
+ public function d3CancelLogin()
+ {
+ $oUser = $this->d3GetUserObject();
+ $oUser->logout();
+ return "login";
+ }
+
+ /**
+ * @return d3totp
+ */
+ public function d3GetTotpObject()
+ {
+ return oxNew(d3totp::class);
+ }
+
+ /**
+ * @return User
+ */
+ public function d3GetUserObject()
+ {
+ return oxNew(User::class);
+ }
+
+ public function checklogin()
+ {
+ $session = Registry::getSession();
+ $userId = $session->getVariable(d3totp_conf::SESSION_CURRENTUSER);
+
+ try {
+ $sTotp = Registry::getRequest()->getRequestEscapedParameter('d3totp');
+
+ $totp = $this->d3GetTotpObject();
+ $totp->loadByUserId($userId);
+
+ $this->d3TotpHasValidTotp($sTotp, $totp);
+
+ $adminProfiles = $session->getVariable("aAdminProfiles");
+
+ $session->initNewSession();
+ $session->setVariable("aAdminProfiles", $adminProfiles);
+ $session->setVariable('auth', $userId);
+ $session->setVariable(d3totp_conf::SESSION_AUTH, true);
+
+ return "admin_start";
+ } catch (d3totp_wrongOtpException $e) {
+ Registry::getUtilsView()->addErrorToDisplay($e);
+ Registry::getLogger()->error($e->getMessage(), ['UserId' => $userId]);
+ Registry::getLogger()->debug($e->getTraceAsString());
+ }
+ }
+
+ /**
+ * @param string $sTotp
+ * @param d3totp $totp
+ * @return bool
+ * @throws DatabaseConnectionException
+ * @throws d3totp_wrongOtpException
+ */
+ public function d3TotpHasValidTotp($sTotp, $totp)
+ {
+ return Registry::getSession()->getVariable(d3totp_conf::SESSION_AUTH) ||
+ (
+ $sTotp && $totp->verify($sTotp)
+ );
+ }
+
+ /**
+ * @return Utils
+ */
+ public function getUtils(): Utils
+ {
+ return Registry::getUtils();
+ }
+
+ /**
+ * Returns Bread Crumb - you are here page1/page2/page3...
+ *
+ * @return array
+ */
+ public function getBreadCrumb(): array
+ {
+ $aPaths = [];
+ $aPath = [];
+ $iBaseLanguage = Registry::getLang()->getBaseLanguage();
+ $aPath['title'] = Registry::getLang()->translateString('D3_WEBAUTHN_BREADCRUMB', $iBaseLanguage, false);
+ $aPath['link'] = $this->getLink();
+
+ $aPaths[] = $aPath;
+
+ return $aPaths;
+ }
+}
\ No newline at end of file
diff --git a/src/Application/Controller/d3totplogin.php b/src/Application/Controller/d3totplogin.php
index 31e9dc1..45f4c65 100644
--- a/src/Application/Controller/d3totplogin.php
+++ b/src/Application/Controller/d3totplogin.php
@@ -17,6 +17,7 @@ namespace D3\Totp\Application\Controller;
 use D3\Totp\Application\Model\d3backupcodelist;
 use D3\Totp\Application\Model\d3totp;
+use D3\Totp\Application\Model\d3totp_conf;
 use OxidEsales\Eshop\Application\Controller\FrontendController;
 use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException;
 use OxidEsales\Eshop\Core\Registry;
@@ -28,8 +29,8 @@ class d3totplogin extends FrontendController
 public function render()
 {
- if (Registry::getSession()->hasVariable(d3totp::TOTP_SESSION_VARNAME) ||
- false == Registry::getSession()->hasVariable(d3totp::TOTP_SESSION_CURRENTUSER)
+ if (Registry::getSession()->hasVariable(d3totp_conf::SESSION_AUTH) ||
+ false == Registry::getSession()->hasVariable(d3totp_conf::SESSION_CURRENTUSER)
 ) {
 $this->getUtils()->redirect('index.php?cl=start');
 if (false == defined('OXID_PHP_UNIT')) {
@@ -39,7 +40,7 @@ class d3totplogin extends FrontendController
 }
 }
- $this->addTplParam('navFormParams', Registry::getSession()->getVariable(d3totp::TOTP_SESSION_NAVFORMPARAMS));
+ $this->addTplParam('navFormParams', Registry::getSession()->getVariable(d3totp_conf::SESSION_NAVFORMPARAMS));
 return parent::render();
 }
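Review bot: checklogin() ignores the bool returned by d3TotpHasValidTotp() and then marks the session authenticated unconditionally; when the `d3totp` request parameter is empty, `$sTotp && $totp->verify($sTotp)` short-circuits to `false` without ever calling `verify()`, so no `d3totp_wrongOtpException` is thrown and the admin login completes without a second factor (the path only fails closed if `verify()` itself throws on every bad code, which is not visible here). Make the check fail closed regardless of how `verify()` reports failure: `if (!$this->d3TotpHasValidTotp($sTotp, $totp)) { throw oxNew(d3totp_wrongOtpException::class); }`, adjusting the construction to that exception's actual constructor. The second `if` in render() redirects to `cl=login` but does not stop execution, so `parent::render()` still runs on that path, unlike the first branch. The breadcrumb title in getBreadCrumb() uses the `'D3_WEBAUTHN_BREADCRUMB'` key, which looks copied from a sibling module and presumably should be a TOTP translation key.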
@@ -59,7 +60,7 @@ class d3totplogin extends FrontendController
 public function getBackupCodeCountMessage()
 {
 $oBackupCodeList = $this->getBackupCodeListObject();
- $iCount = $oBackupCodeList->getAvailableCodeCount(Registry::getSession()->getVariable(d3totp::TOTP_SESSION_CURRENTUSER));
+ $iCount = $oBackupCodeList->getAvailableCodeCount(Registry::getSession()->getVariable(d3totp_conf::SESSION_CURRENTUSER));
 if ($iCount < 4) {
 return sprintf(
@@ -79,12 +80,12 @@ class d3totplogin extends FrontendController
 public function getPreviousClass()
 {
- return Registry::getSession()->getVariable(d3totp::TOTP_SESSION_CURRENTCLASS);
+ return Registry::getSession()->getVariable(d3totp_conf::SESSION_CURRENTCLASS);
 }
 public function previousClassIsOrderStep(): bool
 {
- $sClassKey = Registry::getSession()->getVariable(d3totp::TOTP_SESSION_CURRENTCLASS);
+ $sClassKey = Registry::getSession()->getVariable(d3totp_conf::SESSION_CURRENTCLASS);
 $resolvedClass = Registry::getControllerClassNameResolver()->getClassNameById($sClassKey);
 $resolvedClass = $resolvedClass ?: 'start';
diff --git a/src/Application/Model/d3backupcode.php b/src/Application/Model/d3backupcode.php
index 5308943..359bab7 100644
--- a/src/Application/Model/d3backupcode.php
+++ b/src/Application/Model/d3backupcode.php
@@ -74,7 +74,7 @@ class d3backupcode extends BaseModel
 return $this->getUser();
 }
- $sUserId = Registry::getSession()->getVariable(d3totp::TOTP_SESSION_CURRENTUSER);
+ $sUserId = Registry::getSession()->getVariable(d3totp_conf::SESSION_CURRENTUSER);
 $oUser = oxNew(User::class);
 $oUser->load($sUserId);
 return $oUser;
diff --git a/src/Application/Model/d3totp.php b/src/Application/Model/d3totp.php
index 7c0a97b..5ac72be 100644
--- a/src/Application/Model/d3totp.php
+++ b/src/Application/Model/d3totp.php
@@ -29,11 +29,6 @@ use OxidEsales\Eshop\Core\Registry;
 class d3totp extends BaseModel
 {
- public const TOTP_SESSION_VARNAME = 'totp_auth';
- public const TOTP_SESSION_CURRENTUSER = 'd3totpCurrentUser';
- public const TOTP_SESSION_CURRENTCLASS = 'd3totpCurrentClass';
- public const TOTP_SESSION_NAVFORMPARAMS = 'd3totpNavFormParams';
-
 public $tableName = 'd3totp';
 public $userId;
 public $totp;
diff --git a/src/Application/Model/d3totp_conf.php b/src/Application/Model/d3totp_conf.php
new file mode 100644
index 0000000..4f923c1
--- /dev/null
+++ b/src/Application/Model/d3totp_conf.php
@@ -0,0 +1,24 @@
+
+ * @link https://www.oxidmodule.com
+ */
+
+declare(strict_types=1);
+
+namespace D3\Totp\Application\Model;
+
+class d3totp_conf
+{
+ public const SESSION_AUTH = 'd3TotpAuth'; // has valid totp, user is logged in completly
+ public const SESSION_CURRENTUSER = 'd3TotpCurrentUser'; // oxid assigned to user from entered username
+ public const SESSION_CURRENTCLASS = 'd3TotpCurrentClass'; // oxid assigned to user from entered username
+ public const SESSION_NAVFORMPARAMS = 'd3totpNavFormParams';
+}
\ No newline at end of file
diff --git a/src/Application/views/admin/tpl/d3totplogin.tpl b/src/Application/views/admin/tpl/d3totplogin.tpl
new file mode 100644
index 0000000..e0233cc
--- /dev/null
+++ b/src/Application/views/admin/tpl/d3totplogin.tpl
@@ -0,0 +1,88 @@
+
+
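Review bot: The comment on `SESSION_CURRENTCLASS` in d3totp_conf.php repeats the `SESSION_CURRENTUSER` comment ("oxid assigned to user from entered username") and does not describe the constant; judging by its use in d3totplogin.php (`getPreviousClass()`, `previousClassIsOrderStep()`), it holds the controller class id to return to after login, so `// controller class id to return to after the second factor is confirmed` would fit better, and "completly" in the `SESSION_AUTH` comment should read "completely". `SESSION_NAVFORMPARAMS` is the only constant left without a comment. Note also that the new values differ from the constants removed from d3totp.php in the previous hunk (`'totp_auth'` → `'d3TotpAuth'`, `'d3totpCurrentUser'` → `'d3TotpCurrentUser'`, `'d3totpCurrentClass'` → `'d3TotpCurrentClass'`), so sessions that are mid-login or already TOTP-authenticated at deploy time lose that state and the old `d3totp::TOTP_SESSION_*` names disappear as public API; failing toward re-authentication is the safe direction, but both deserve a changelog line.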
+