8
0

go to last controller after successful login

Dieser Commit ist enthalten in:
Daniel Seifert 2022-11-02 22:31:49 +01:00
Ursprung 712f3072cc
Commit beefe01227
Signiert von: DanielS
GPG-Schlüssel-ID: 6A513E13AEE66170
5 geänderte Dateien mit 55 neuen und 49 gelöschten Zeilen

Datei anzeigen

@ -94,7 +94,7 @@ class d3webauthnadminlogin extends AdminController
}
}
public function assertAuthn()
public function d3AssertAuthn()
{
/** @var d3_User_Webauthn $user */
$user = oxNew(User::class);

Datei anzeigen

@ -15,20 +15,12 @@
namespace D3\Webauthn\Application\Controller;
use Assert\AssertionFailedException;
use D3\Webauthn\Application\Model\Webauthn;
use D3\Webauthn\Application\Model\WebauthnConf;
use D3\Webauthn\Application\Model\WebauthnErrors;
use D3\Webauthn\Application\Model\WebauthnException;
use D3\Webauthn\Modules\Application\Component\d3_webauthn_UserComponent;
use D3\Webauthn\Modules\Application\Model\d3_User_Webauthn;
use Doctrine\DBAL\Driver\Exception as DoctrineDriverException;
use Doctrine\DBAL\Exception as DoctrineException;
use OxidEsales\Eshop\Application\Controller\FrontendController;
use OxidEsales\Eshop\Application\Model\User;
use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException;
use OxidEsales\Eshop\Core\Exception\DatabaseErrorException;
use OxidEsales\Eshop\Core\Exception\StandardException;
use OxidEsales\Eshop\Core\Registry;
use OxidEsales\Eshop\Core\Utils;
use Psr\Container\ContainerExceptionInterface;
@ -38,11 +30,21 @@ class d3webauthnlogin extends FrontendController
{
protected $_sThisTemplate = 'd3webauthnlogin.tpl';
public function getNavigationParams()
{
$navparams = Registry::getSession()->getVariable(
WebauthnConf::WEBAUTHN_SESSION_NAVPARAMS
);
return array_merge(
$navparams,
['cl' => $navparams['actcontrol']]
);
}
/**
* @return null
* @throws ContainerExceptionInterface
* @throws DatabaseConnectionException
* @throws DatabaseErrorException
* @throws DoctrineDriverException
* @throws DoctrineException
* @throws NotFoundExceptionInterface
@ -93,41 +95,6 @@ class d3webauthnlogin extends FrontendController
$this->addTplParam('isAdmin', isAdmin());
}
public function assertAuthn()
{
/** @var d3_User_Webauthn $user */
$user = oxNew(User::class);
try {
if (strlen(Registry::getRequest()->getRequestEscapedParameter('error'))) {
$errors = oxNew(WebauthnErrors::class);
throw oxNew(
WebauthnException::class,
$errors->translateError(Registry::getRequest()->getRequestEscapedParameter('error'), WebauthnConf::TYPE_GET)
);
}
if (strlen(Registry::getRequest()->getRequestEscapedParameter('credential'))) {
$credential = Registry::getRequest()->getRequestEscapedParameter('credential');
$webAuthn = oxNew(Webauthn::class);
$webAuthn->assertAuthn($credential);
$user->load(Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER));
/** @var d3_webauthn_UserComponent $userCmp */
$userCmp = $this->getComponent('oxcmp_user');
$userCmp->d3WebauthnRelogin($user, $credential);
}
} catch (AssertionFailedException|WebauthnException $e) {
Registry::getUtilsView()->addErrorToDisplay($e->getMessage());
// ToDo: add requested username
Registry::getLogger()->info($e->getMessage());
$user->logout();
$this->getUtils()->redirect('index.php?cl=start');
}
}
/**
* @return Utils
*/

Datei anzeigen

@ -23,6 +23,7 @@ class WebauthnConf
public const WEBAUTHN_SESSION_LOGINUSER = 'd3webauthnLoginUser'; // username entered in login form
public const WEBAUTHN_SESSION_CURRENTCLASS = 'd3webauthnCurrentClass'; // no usage
public const WEBAUTHN_SESSION_NAVFORMPARAMS = 'd3webauthnNavFormParams'; // no usage
public const WEBAUTHN_SESSION_NAVPARAMS = 'd3webauthnNavigationParams'; // no usage
public const GLOBAL_SWITCH = 'blDisableWebauthnGlobally';

Datei anzeigen

@ -13,14 +13,14 @@
[{assign var="formNavParams" value=""}]
[{else}]
[{assign var="action" value=$oViewConf->getSelfActionLink()}]
[{assign var="formNavParams" value=""}]
[{assign var="formNavParams" value=$oViewConf->getNavFormParams()}]
[{/if}]
<form id="webauthn" action="[{$action}]" method="post">
[{$oViewConf->getHiddenSid()}]
[{$formNavParams}]
<input type="hidden" name="fnc" value="assertAuthn">
<input type="hidden" name="cl" value="[{$oViewConf->getActiveClassName()}]">
[{$formNavParams}]
<input type="hidden" name="fnc" value="d3AssertAuthn">
<input type="hidden" name="credential" value=''>
<input type="hidden" name="error" value=''>
</form>

Datei anzeigen

@ -18,6 +18,7 @@ namespace D3\Webauthn\Modules\Application\Component;
use Assert\AssertionFailedException;
use D3\Webauthn\Application\Model\WebauthnConf;
use D3\Webauthn\Application\Model\Webauthn;
use D3\Webauthn\Application\Model\WebauthnErrors;
use D3\Webauthn\Application\Model\WebauthnException;
use D3\Webauthn\Modules\Application\Model\d3_User_Webauthn;
use Doctrine\DBAL\Driver\Exception as DoctrineDriverException;
@ -62,6 +63,11 @@ class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent
WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER,
$userId
);
Registry::getSession()->setVariable(
WebauthnConf::WEBAUTHN_SESSION_NAVPARAMS,
$this->getParent()->getNavigationParams()
);
Registry::getSession()->setVariable(
WebauthnConf::WEBAUTHN_SESSION_NAVFORMPARAMS,
$this->getParent()->getViewConfig()->getNavFormParams()
@ -170,4 +176,36 @@ class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent
{
return Registry::getSession();
}
public function d3AssertAuthn()
{
/** @var d3_User_Webauthn $user */
$user = oxNew(User::class);
try {
if (strlen(Registry::getRequest()->getRequestEscapedParameter('error'))) {
$errors = oxNew(WebauthnErrors::class);
throw oxNew(
WebauthnException::class,
$errors->translateError(Registry::getRequest()->getRequestEscapedParameter('error'), WebauthnConf::TYPE_GET)
);
}
if (strlen(Registry::getRequest()->getRequestEscapedParameter('credential'))) {
$credential = Registry::getRequest()->getRequestEscapedParameter('credential');
$webAuthn = oxNew(Webauthn::class);
$webAuthn->assertAuthn($credential);
$user->load(Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER));
$this->d3WebauthnRelogin($user, $credential);
}
} catch (AssertionFailedException|WebauthnException $e) {
Registry::getUtilsView()->addErrorToDisplay($e->getMessage());
// ToDo: add requested username
Registry::getLogger()->info($e->getMessage());
$user->logout();
Registry::getUtils()->redirect('index.php?cl=start');
}
}
}