allow additional password based login

2022-11-01 21:43:55 +01:00 · 2022-11-01 21:43:55 +01:00 · b9378ab03a
parent 5ed13d13d9
commit b9378ab03a
5 changed files with 5 additions and 83 deletions
--- a/src/IntelliSenseHelper.php
+++ b/src/IntelliSenseHelper.php
@ -47,11 +47,4 @@ namespace D3\Webauthn\Modules\Application\Model
    use OxidEsales\Eshop\Application\Model\User;

    class d3_User_Webauthn_parent extends User {}
-}
-
-namespace D3\Webauthn\Modules\Core
-{
-    use OxidEsales\Eshop\Core\Utils;
-
-    class d3_webauthn_utils_parent extends Utils {}
 }
--- a/src/Modules/Application/Component/d3_webauthn_UserComponent.php
+++ b/src/Modules/Application/Component/d3_webauthn_UserComponent.php
@ -44,11 +44,12 @@ class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent
    public function login_noredirect()
    {
        $lgn_user = Registry::getRequest()->getRequestParameter('lgn_usr');
+        $password = Registry::getConfig()->getRequestParameter('lgn_pwd', true);
        /** @var d3_User_Webauthn $user */
        $user = oxNew(User::class);
        $userId = $user->d3GetLoginUserId($lgn_user);

-        if ($lgn_user && $userId) {
+        if ($lgn_user && $userId && !strlen(trim($password))) {
            $webauthn = $this->d3GetWebauthnObject();

            if ($webauthn->isActive($userId)
--- a/src/Modules/Application/Controller/Admin/d3_LoginController_Webauthn.php
+++ b/src/Modules/Application/Controller/Admin/d3_LoginController_Webauthn.php
@ -53,13 +53,15 @@ class d3_LoginController_Webauthn extends d3_LoginController_Webauthn_parent
    {
        $lgn_user = Registry::getRequest()->getRequestParameter('user') ?:
            Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_LOGINUSER);
+        $password = Registry::getRequest()->getRequestParameter('pwd', true);

        /** @var d3_User_Webauthn $user */
        $user = $this->d3GetUserObject();
        $userId = $user->d3GetLoginUserId($lgn_user, 'malladmin');

        if ($lgn_user && $userId &&
-            false === Registry::getSession()->hasVariable(WebauthnConf::WEBAUTHN_SESSION_AUTH)
+            false === Registry::getSession()->hasVariable(WebauthnConf::WEBAUTHN_SESSION_AUTH) &&
+            !strlen(trim($password))
        ) {
            $webauthn = $this->d3GetWebauthnObject();

--- a/src/Modules/Core/d3_webauthn_utils.php
+++ b/src/Modules/Core/d3_webauthn_utils.php
@ -1,73 +0,0 @@
-<?php
-
-/**
- * This Software is the property of Data Development and is protected
- * by copyright law - it is NOT Freeware.
- * Any unauthorized use of this software without a valid license
- * is a violation of the license agreement and will be prosecuted by
- * civil and criminal law.
- * http://www.shopmodule.com
- *
- * @copyright (C) D3 Data Development (Inh. Thomas Dartsch)
- * @author    D3 Data Development - Daniel Seifert <support@shopmodule.com>
- * @link      http://www.oxidmodule.com
- */
-
-namespace D3\Webauthn\Modules\Core;
-
-use D3\Webauthn\Application\Model\Webauthn;
-use D3\Webauthn\Application\Model\WebauthnConf;
-use Doctrine\DBAL\DBALException;
-use Doctrine\DBAL\Driver\Exception;
-use Doctrine\DBAL\Exception as DoctrineException;
-use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException;
-use OxidEsales\Eshop\Core\Registry;
-use OxidEsales\Eshop\Core\Session;
-use Psr\Container\ContainerExceptionInterface;
-use Psr\Container\NotFoundExceptionInterface;
-
-class d3_webauthn_utils extends d3_webauthn_utils_parent
-{
-    /**
-     * @return bool
-     * @throws Exception
-     * @throws DoctrineException
-     * @throws ContainerExceptionInterface
-     * @throws NotFoundExceptionInterface
-     */
-    public function checkAccessRights()
-    {
-        $blAuth = parent::checkAccessRights();
-
-        $userID = $this->d3GetSessionObject()->getVariable("auth");
-        $webauthnAuth = (bool) $this->d3GetSessionObject()->getVariable(WebauthnConf::WEBAUTHN_SESSION_AUTH);
-        $webauthn = $this->d3GetWebauthnObject();
-
-        if ($blAuth && $webauthn->isActive($userID) && false === $webauthnAuth) {
-            $this->redirect('index.php?cl=login', true, 302);
-            if (!defined('OXID_PHP_UNIT')) {
-                // @codeCoverageIgnoreStart
-                exit;
-                // @codeCoverageIgnoreEnd
-            }
-        }
-
-        return $blAuth;
-    }
-
-    /**
-     * @return Session
-     */
-    public function d3GetSessionObject(): Session
-    {
-        return Registry::getSession();
-    }
-
-    /**
-     * @return Webauthn
-     */
-    public function d3GetWebauthnObject(): Webauthn
-    {
-        return oxNew(Webauthn::class);
-    }
-}
--- a/src/metadata.php
+++ b/src/metadata.php
@ -66,7 +66,6 @@ $aModule = array(
        OrderController::class => d3_webauthn_OrderController::class,
        OxidModel\User::class  => d3_User_Webauthn::class,
        LoginController::class => d3_LoginController_Webauthn::class,
-        Utils::class           => d3_webauthn_utils::class,
        UserComponent::class   => d3_webauthn_UserComponent::class,
    ],
    'controllers'   => [