go to last controller after successful login
This commit is contained in:
parent
712f3072cc
commit
beefe01227
GPG Key ID:
6A513E13AEE66170
@ -94,7 +94,7 @@ class d3webauthnadminlogin extends AdminController
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public function assertAuthn()
|
public function d3AssertAuthn()
|
||||||
{
|
{
|
||||||
/** @var d3_User_Webauthn $user */
|
/** @var d3_User_Webauthn $user */
|
||||||
$user = oxNew(User::class);
|
$user = oxNew(User::class);
|
||||||
|
|||||||
@ -15,20 +15,12 @@
|
|||||||
|
|
||||||
namespace D3\Webauthn\Application\Controller;
|
namespace D3\Webauthn\Application\Controller;
|
||||||
|
|
||||||
use Assert\AssertionFailedException;
|
|
||||||
use D3\Webauthn\Application\Model\Webauthn;
|
use D3\Webauthn\Application\Model\Webauthn;
|
||||||
use D3\Webauthn\Application\Model\WebauthnConf;
|
use D3\Webauthn\Application\Model\WebauthnConf;
|
||||||
use D3\Webauthn\Application\Model\WebauthnErrors;
|
|
||||||
use D3\Webauthn\Application\Model\WebauthnException;
|
use D3\Webauthn\Application\Model\WebauthnException;
|
||||||
use D3\Webauthn\Modules\Application\Component\d3_webauthn_UserComponent;
|
|
||||||
use D3\Webauthn\Modules\Application\Model\d3_User_Webauthn;
|
|
||||||
use Doctrine\DBAL\Driver\Exception as DoctrineDriverException;
|
use Doctrine\DBAL\Driver\Exception as DoctrineDriverException;
|
||||||
use Doctrine\DBAL\Exception as DoctrineException;
|
use Doctrine\DBAL\Exception as DoctrineException;
|
||||||
use OxidEsales\Eshop\Application\Controller\FrontendController;
|
use OxidEsales\Eshop\Application\Controller\FrontendController;
|
||||||
use OxidEsales\Eshop\Application\Model\User;
|
|
||||||
use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException;
|
|
||||||
use OxidEsales\Eshop\Core\Exception\DatabaseErrorException;
|
|
||||||
use OxidEsales\Eshop\Core\Exception\StandardException;
|
|
||||||
use OxidEsales\Eshop\Core\Registry;
|
use OxidEsales\Eshop\Core\Registry;
|
||||||
use OxidEsales\Eshop\Core\Utils;
|
use OxidEsales\Eshop\Core\Utils;
|
||||||
use Psr\Container\ContainerExceptionInterface;
|
use Psr\Container\ContainerExceptionInterface;
|
||||||
@ -38,11 +30,21 @@ class d3webauthnlogin extends FrontendController
|
|||||||
{
|
{
|
||||||
protected $_sThisTemplate = 'd3webauthnlogin.tpl';
|
protected $_sThisTemplate = 'd3webauthnlogin.tpl';
|
||||||
|
|
||||||
|
public function getNavigationParams()
|
||||||
|
{
|
||||||
|
$navparams = Registry::getSession()->getVariable(
|
||||||
|
WebauthnConf::WEBAUTHN_SESSION_NAVPARAMS
|
||||||
|
);
|
||||||
|
|
||||||
|
return array_merge(
|
||||||
|
$navparams,
|
||||||
|
['cl' => $navparams['actcontrol']]
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return null
|
* @return null
|
||||||
* @throws ContainerExceptionInterface
|
* @throws ContainerExceptionInterface
|
||||||
* @throws DatabaseConnectionException
|
|
||||||
* @throws DatabaseErrorException
|
|
||||||
* @throws DoctrineDriverException
|
* @throws DoctrineDriverException
|
||||||
* @throws DoctrineException
|
* @throws DoctrineException
|
||||||
* @throws NotFoundExceptionInterface
|
* @throws NotFoundExceptionInterface
|
||||||
@ -93,41 +95,6 @@ class d3webauthnlogin extends FrontendController
|
|||||||
$this->addTplParam('isAdmin', isAdmin());
|
$this->addTplParam('isAdmin', isAdmin());
|
||||||
}
|
}
|
||||||
|
|
||||||
public function assertAuthn()
|
|
||||||
{
|
|
||||||
/** @var d3_User_Webauthn $user */
|
|
||||||
$user = oxNew(User::class);
|
|
||||||
|
|
||||||
try {
|
|
||||||
if (strlen(Registry::getRequest()->getRequestEscapedParameter('error'))) {
|
|
||||||
$errors = oxNew(WebauthnErrors::class);
|
|
||||||
throw oxNew(
|
|
||||||
WebauthnException::class,
|
|
||||||
$errors->translateError(Registry::getRequest()->getRequestEscapedParameter('error'), WebauthnConf::TYPE_GET)
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (strlen(Registry::getRequest()->getRequestEscapedParameter('credential'))) {
|
|
||||||
$credential = Registry::getRequest()->getRequestEscapedParameter('credential');
|
|
||||||
$webAuthn = oxNew(Webauthn::class);
|
|
||||||
$webAuthn->assertAuthn($credential);
|
|
||||||
$user->load(Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER));
|
|
||||||
|
|
||||||
/** @var d3_webauthn_UserComponent $userCmp */
|
|
||||||
$userCmp = $this->getComponent('oxcmp_user');
|
|
||||||
$userCmp->d3WebauthnRelogin($user, $credential);
|
|
||||||
}
|
|
||||||
|
|
||||||
} catch (AssertionFailedException|WebauthnException $e) {
|
|
||||||
Registry::getUtilsView()->addErrorToDisplay($e->getMessage());
|
|
||||||
// ToDo: add requested username
|
|
||||||
Registry::getLogger()->info($e->getMessage());
|
|
||||||
|
|
||||||
$user->logout();
|
|
||||||
$this->getUtils()->redirect('index.php?cl=start');
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return Utils
|
* @return Utils
|
||||||
*/
|
*/
|
||||||
|
|||||||
@ -23,6 +23,7 @@ class WebauthnConf
|
|||||||
public const WEBAUTHN_SESSION_LOGINUSER = 'd3webauthnLoginUser'; // username entered in login form
|
public const WEBAUTHN_SESSION_LOGINUSER = 'd3webauthnLoginUser'; // username entered in login form
|
||||||
public const WEBAUTHN_SESSION_CURRENTCLASS = 'd3webauthnCurrentClass'; // no usage
|
public const WEBAUTHN_SESSION_CURRENTCLASS = 'd3webauthnCurrentClass'; // no usage
|
||||||
public const WEBAUTHN_SESSION_NAVFORMPARAMS = 'd3webauthnNavFormParams'; // no usage
|
public const WEBAUTHN_SESSION_NAVFORMPARAMS = 'd3webauthnNavFormParams'; // no usage
|
||||||
|
public const WEBAUTHN_SESSION_NAVPARAMS = 'd3webauthnNavigationParams'; // no usage
|
||||||
|
|
||||||
public const GLOBAL_SWITCH = 'blDisableWebauthnGlobally';
|
public const GLOBAL_SWITCH = 'blDisableWebauthnGlobally';
|
||||||
|
|
||||||
|
|||||||
@ -13,14 +13,14 @@
|
|||||||
[{assign var="formNavParams" value=""}]
|
[{assign var="formNavParams" value=""}]
|
||||||
[{else}]
|
[{else}]
|
||||||
[{assign var="action" value=$oViewConf->getSelfActionLink()}]
|
[{assign var="action" value=$oViewConf->getSelfActionLink()}]
|
||||||
[{assign var="formNavParams" value=""}]
|
[{assign var="formNavParams" value=$oViewConf->getNavFormParams()}]
|
||||||
[{/if}]
|
[{/if}]
|
||||||
|
|
||||||
<form id="webauthn" action="[{$action}]" method="post">
|
<form id="webauthn" action="[{$action}]" method="post">
|
||||||
[{$oViewConf->getHiddenSid()}]
|
[{$oViewConf->getHiddenSid()}]
|
||||||
[{$formNavParams}]
|
|
||||||
<input type="hidden" name="fnc" value="assertAuthn">
|
|
||||||
<input type="hidden" name="cl" value="[{$oViewConf->getActiveClassName()}]">
|
<input type="hidden" name="cl" value="[{$oViewConf->getActiveClassName()}]">
|
||||||
|
[{$formNavParams}]
|
||||||
|
<input type="hidden" name="fnc" value="d3AssertAuthn">
|
||||||
<input type="hidden" name="credential" value=''>
|
<input type="hidden" name="credential" value=''>
|
||||||
<input type="hidden" name="error" value=''>
|
<input type="hidden" name="error" value=''>
|
||||||
</form>
|
</form>
|
||||||
|
|||||||
@ -18,6 +18,7 @@ namespace D3\Webauthn\Modules\Application\Component;
|
|||||||
use Assert\AssertionFailedException;
|
use Assert\AssertionFailedException;
|
||||||
use D3\Webauthn\Application\Model\WebauthnConf;
|
use D3\Webauthn\Application\Model\WebauthnConf;
|
||||||
use D3\Webauthn\Application\Model\Webauthn;
|
use D3\Webauthn\Application\Model\Webauthn;
|
||||||
|
use D3\Webauthn\Application\Model\WebauthnErrors;
|
||||||
use D3\Webauthn\Application\Model\WebauthnException;
|
use D3\Webauthn\Application\Model\WebauthnException;
|
||||||
use D3\Webauthn\Modules\Application\Model\d3_User_Webauthn;
|
use D3\Webauthn\Modules\Application\Model\d3_User_Webauthn;
|
||||||
use Doctrine\DBAL\Driver\Exception as DoctrineDriverException;
|
use Doctrine\DBAL\Driver\Exception as DoctrineDriverException;
|
||||||
@ -62,6 +63,11 @@ class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent
|
|||||||
WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER,
|
WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER,
|
||||||
$userId
|
$userId
|
||||||
);
|
);
|
||||||
|
|
||||||
|
Registry::getSession()->setVariable(
|
||||||
|
WebauthnConf::WEBAUTHN_SESSION_NAVPARAMS,
|
||||||
|
$this->getParent()->getNavigationParams()
|
||||||
|
);
|
||||||
Registry::getSession()->setVariable(
|
Registry::getSession()->setVariable(
|
||||||
WebauthnConf::WEBAUTHN_SESSION_NAVFORMPARAMS,
|
WebauthnConf::WEBAUTHN_SESSION_NAVFORMPARAMS,
|
||||||
$this->getParent()->getViewConfig()->getNavFormParams()
|
$this->getParent()->getViewConfig()->getNavFormParams()
|
||||||
@ -170,4 +176,36 @@ class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent
|
|||||||
{
|
{
|
||||||
return Registry::getSession();
|
return Registry::getSession();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function d3AssertAuthn()
|
||||||
|
{
|
||||||
|
/** @var d3_User_Webauthn $user */
|
||||||
|
$user = oxNew(User::class);
|
||||||
|
|
||||||
|
try {
|
||||||
|
if (strlen(Registry::getRequest()->getRequestEscapedParameter('error'))) {
|
||||||
|
$errors = oxNew(WebauthnErrors::class);
|
||||||
|
throw oxNew(
|
||||||
|
WebauthnException::class,
|
||||||
|
$errors->translateError(Registry::getRequest()->getRequestEscapedParameter('error'), WebauthnConf::TYPE_GET)
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (strlen(Registry::getRequest()->getRequestEscapedParameter('credential'))) {
|
||||||
|
$credential = Registry::getRequest()->getRequestEscapedParameter('credential');
|
||||||
|
$webAuthn = oxNew(Webauthn::class);
|
||||||
|
$webAuthn->assertAuthn($credential);
|
||||||
|
$user->load(Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER));
|
||||||
|
$this->d3WebauthnRelogin($user, $credential);
|
||||||
|
}
|
||||||
|
|
||||||
|
} catch (AssertionFailedException|WebauthnException $e) {
|
||||||
|
Registry::getUtilsView()->addErrorToDisplay($e->getMessage());
|
||||||
|
// ToDo: add requested username
|
||||||
|
Registry::getLogger()->info($e->getMessage());
|
||||||
|
|
||||||
|
$user->logout();
|
||||||
|
Registry::getUtils()->redirect('index.php?cl=start');
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
Loading…
Reference in New Issue
Block a user