change line endings for easy patching
Parent
86cd851e1e
révision
3816d0fa35
BIN
.gitattributes
Fichier binaire non affiché.
@ -1,48 +1,48 @@
|
||||
{
|
||||
"name": "d3/oxtotp",
|
||||
"description": "Two-factor authentication via time-based one-time password for OXID eSales shop",
|
||||
"type": "oxideshop-module",
|
||||
"keywords": [
|
||||
"oxid",
|
||||
"modules",
|
||||
"eShop",
|
||||
"d3",
|
||||
"2FA"
|
||||
],
|
||||
"authors": [
|
||||
{
|
||||
"name": "D3 Data Development (Inh. Thomas Dartsch)",
|
||||
"email": "info@shopmodule.com",
|
||||
"homepage": "http://www.d3data.de",
|
||||
"role": "Owner"
|
||||
}
|
||||
],
|
||||
"support": {
|
||||
"email": "support@shopmodule.com"
|
||||
},
|
||||
"homepage": "https://www.oxidmodule.com/",
|
||||
"license": [
|
||||
"GPL-3.0-only"
|
||||
],
|
||||
"extra": {
|
||||
"oxideshop": {
|
||||
"source-directory": "/src",
|
||||
"target-directory": "d3/totp"
|
||||
}
|
||||
},
|
||||
"require": {
|
||||
"php": ">=5.6",
|
||||
"oxid-esales/oxideshop-metapackage-ce": "~6.0.3 || ~6.1.0 || ~6.2.0",
|
||||
"spomky-labs/otphp": "^8.3",
|
||||
"bacon/bacon-qr-code": "^1.0",
|
||||
"zendframework/zend-math": "^3.2"
|
||||
},
|
||||
"suggest": {
|
||||
"d3/modcfg": "Provides automatic installation routines"
|
||||
},
|
||||
"autoload": {
|
||||
"psr-4": {
|
||||
"D3\\Totp\\": "../../../source/modules/d3/totp"
|
||||
}
|
||||
}
|
||||
}
|
||||
{
|
||||
"name": "d3/oxtotp",
|
||||
"description": "Two-factor authentication via time-based one-time password for OXID eSales shop",
|
||||
"type": "oxideshop-module",
|
||||
"keywords": [
|
||||
"oxid",
|
||||
"modules",
|
||||
"eShop",
|
||||
"d3",
|
||||
"2FA"
|
||||
],
|
||||
"authors": [
|
||||
{
|
||||
"name": "D3 Data Development (Inh. Thomas Dartsch)",
|
||||
"email": "info@shopmodule.com",
|
||||
"homepage": "http://www.d3data.de",
|
||||
"role": "Owner"
|
||||
}
|
||||
],
|
||||
"support": {
|
||||
"email": "support@shopmodule.com"
|
||||
},
|
||||
"homepage": "https://www.oxidmodule.com/",
|
||||
"license": [
|
||||
"GPL-3.0-only"
|
||||
],
|
||||
"extra": {
|
||||
"oxideshop": {
|
||||
"source-directory": "/src",
|
||||
"target-directory": "d3/totp"
|
||||
}
|
||||
},
|
||||
"require": {
|
||||
"php": ">=5.6",
|
||||
"oxid-esales/oxideshop-metapackage-ce": "~6.0.3 || ~6.1.0 || ~6.2.0",
|
||||
"spomky-labs/otphp": "^8.3",
|
||||
"bacon/bacon-qr-code": "^1.0",
|
||||
"zendframework/zend-math": "^3.2"
|
||||
},
|
||||
"suggest": {
|
||||
"d3/modcfg": "Provides automatic installation routines"
|
||||
},
|
||||
"autoload": {
|
||||
"psr-4": {
|
||||
"D3\\Totp\\": "../../../source/modules/d3/totp"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -1,27 +1,27 @@
|
||||
CREATE TABLE IF NOT EXISTS `d3totp` (
|
||||
`OXID` CHAR(32) NOT NULL ,
|
||||
`OXUSERID` CHAR(32) NOT NULL ,
|
||||
`USETOTP` TINYINT(1) NOT NULL DEFAULT 0,
|
||||
`SEED` VARCHAR(256) NOT NULL ,
|
||||
`OXTIMESTAMP` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT 'Timestamp',
|
||||
PRIMARY KEY (`OXID`) ,
|
||||
UNIQUE KEY `OXUSERID` (`OXUSERID`)
|
||||
)
|
||||
ENGINE=InnoDB
|
||||
COMMENT='totp setting';
|
||||
|
||||
CREATE TABLE IF NOT EXISTS `d3totp_backupcodes` (
|
||||
`OXID` CHAR(32) NOT NULL ,
|
||||
`OXUSERID` CHAR(32) NOT NULL COMMENT 'user id',
|
||||
`BACKUPCODE` VARCHAR(64) NOT NULL COMMENT 'BackupCode',
|
||||
`OXTIMESTAMP` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT 'Timestamp',
|
||||
PRIMARY KEY (`OXID`) ,
|
||||
KEY `OXUSERID` (`OXUSERID`) ,
|
||||
KEY `BACKUPCODE` (`BACKUPCODE`)
|
||||
)
|
||||
ENGINE=InnoDB
|
||||
COMMENT='totp backup codes';
|
||||
|
||||
INSERT INTO `oxseo` (`OXOBJECTID`, `OXIDENT`, `OXSHOPID`, `OXLANG`, `OXSTDURL`, `OXSEOURL`, `OXTYPE`, `OXFIXED`, `OXEXPIRED`, `OXPARAMS`, `OXTIMESTAMP`) VALUES
|
||||
('39f744f17e974988e515558698a29df4', '76282e134ad4e40a3578e121a6cb1f6a', 1, 1, 'index.php?cl=d3_account_totp', 'en/2-factor-authintication/', 'static', 0, 0, '', NOW()),
|
||||
('39f744f17e974988e515558698a29df4', 'c1f8b5506e2b5d6ac184dcc5ebdfb591', 1, 0, 'index.php?cl=d3_account_totp', '2-faktor-authentisierung/', 'static', 0, 0, '', NOW());
|
||||
CREATE TABLE IF NOT EXISTS `d3totp` (
|
||||
`OXID` CHAR(32) NOT NULL ,
|
||||
`OXUSERID` CHAR(32) NOT NULL ,
|
||||
`USETOTP` TINYINT(1) NOT NULL DEFAULT 0,
|
||||
`SEED` VARCHAR(256) NOT NULL ,
|
||||
`OXTIMESTAMP` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT 'Timestamp',
|
||||
PRIMARY KEY (`OXID`) ,
|
||||
UNIQUE KEY `OXUSERID` (`OXUSERID`)
|
||||
)
|
||||
ENGINE=InnoDB
|
||||
COMMENT='totp setting';
|
||||
|
||||
CREATE TABLE IF NOT EXISTS `d3totp_backupcodes` (
|
||||
`OXID` CHAR(32) NOT NULL ,
|
||||
`OXUSERID` CHAR(32) NOT NULL COMMENT 'user id',
|
||||
`BACKUPCODE` VARCHAR(64) NOT NULL COMMENT 'BackupCode',
|
||||
`OXTIMESTAMP` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT 'Timestamp',
|
||||
PRIMARY KEY (`OXID`) ,
|
||||
KEY `OXUSERID` (`OXUSERID`) ,
|
||||
KEY `BACKUPCODE` (`BACKUPCODE`)
|
||||
)
|
||||
ENGINE=InnoDB
|
||||
COMMENT='totp backup codes';
|
||||
|
||||
INSERT INTO `oxseo` (`OXOBJECTID`, `OXIDENT`, `OXSHOPID`, `OXLANG`, `OXSTDURL`, `OXSEOURL`, `OXTYPE`, `OXFIXED`, `OXEXPIRED`, `OXPARAMS`, `OXTIMESTAMP`) VALUES
|
||||
('39f744f17e974988e515558698a29df4', '76282e134ad4e40a3578e121a6cb1f6a', 1, 1, 'index.php?cl=d3_account_totp', 'en/2-factor-authintication/', 'static', 0, 0, '', NOW()),
|
||||
('39f744f17e974988e515558698a29df4', 'c1f8b5506e2b5d6ac184dcc5ebdfb591', 1, 0, 'index.php?cl=d3_account_totp', '2-faktor-authentisierung/', 'static', 0, 0, '', NOW());
|
||||
|
@ -1,60 +1,60 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* This Software is the property of Data Development and is protected
|
||||
* by copyright law - it is NOT Freeware.
|
||||
* Any unauthorized use of this software without a valid license
|
||||
* is a violation of the license agreement and will be prosecuted by
|
||||
* civil and criminal law.
|
||||
* http://www.shopmodule.com
|
||||
*
|
||||
* @copyright (C) D3 Data Development (Inh. Thomas Dartsch)
|
||||
* @author D3 Data Development - Daniel Seifert <support@shopmodule.com>
|
||||
* @link http://www.oxidmodule.com
|
||||
*/
|
||||
|
||||
namespace D3\Totp\Modules\Application\Component
|
||||
{
|
||||
|
||||
use OxidEsales\Eshop\Application\Component\UserComponent;
|
||||
|
||||
class d3_totp_UserComponent_parent extends UserComponent { }
|
||||
}
|
||||
|
||||
namespace D3\Totp\Modules\Application\Controller
|
||||
{
|
||||
|
||||
use OxidEsales\Eshop\Application\Controller\OrderController;
|
||||
use OxidEsales\Eshop\Application\Controller\PaymentController;
|
||||
use OxidEsales\Eshop\Application\Controller\UserController;
|
||||
|
||||
class d3_totp_UserController_parent extends UserController { }
|
||||
|
||||
class d3_totp_PaymentController_parent extends PaymentController { }
|
||||
|
||||
class d3_totp_OrderController_parent extends OrderController { }
|
||||
}
|
||||
|
||||
namespace D3\Totp\Modules\Application\Controller\Admin
|
||||
{
|
||||
|
||||
use OxidEsales\Eshop\Application\Controller\Admin\LoginController;
|
||||
|
||||
class d3_totp_LoginController_parent extends LoginController { }
|
||||
}
|
||||
|
||||
namespace D3\Totp\Modules\Application\Model
|
||||
{
|
||||
|
||||
use OxidEsales\Eshop\Application\Model\User;
|
||||
|
||||
class d3_totp_user_parent extends User { }
|
||||
}
|
||||
|
||||
namespace D3\Totp\Modules\Core
|
||||
{
|
||||
|
||||
use OxidEsales\Eshop\Core\Utils;
|
||||
|
||||
class d3_totp_utils_parent extends Utils { }
|
||||
<?php
|
||||
|
||||
/**
|
||||
* This Software is the property of Data Development and is protected
|
||||
* by copyright law - it is NOT Freeware.
|
||||
* Any unauthorized use of this software without a valid license
|
||||
* is a violation of the license agreement and will be prosecuted by
|
||||
* civil and criminal law.
|
||||
* http://www.shopmodule.com
|
||||
*
|
||||
* @copyright (C) D3 Data Development (Inh. Thomas Dartsch)
|
||||
* @author D3 Data Development - Daniel Seifert <support@shopmodule.com>
|
||||
* @link http://www.oxidmodule.com
|
||||
*/
|
||||
|
||||
namespace D3\Totp\Modules\Application\Component
|
||||
{
|
||||
|
||||
use OxidEsales\Eshop\Application\Component\UserComponent;
|
||||
|
||||
class d3_totp_UserComponent_parent extends UserComponent { }
|
||||
}
|
||||
|
||||
namespace D3\Totp\Modules\Application\Controller
|
||||
{
|
||||
|
||||
use OxidEsales\Eshop\Application\Controller\OrderController;
|
||||
use OxidEsales\Eshop\Application\Controller\PaymentController;
|
||||
use OxidEsales\Eshop\Application\Controller\UserController;
|
||||
|
||||
class d3_totp_UserController_parent extends UserController { }
|
||||
|
||||
class d3_totp_PaymentController_parent extends PaymentController { }
|
||||
|
||||
class d3_totp_OrderController_parent extends OrderController { }
|
||||
}
|
||||
|
||||
namespace D3\Totp\Modules\Application\Controller\Admin
|
||||
{
|
||||
|
||||
use OxidEsales\Eshop\Application\Controller\Admin\LoginController;
|
||||
|
||||
class d3_totp_LoginController_parent extends LoginController { }
|
||||
}
|
||||
|
||||
namespace D3\Totp\Modules\Application\Model
|
||||
{
|
||||
|
||||
use OxidEsales\Eshop\Application\Model\User;
|
||||
|
||||
class d3_totp_user_parent extends User { }
|
||||
}
|
||||
|
||||
namespace D3\Totp\Modules\Core
|
||||
{
|
||||
|
||||
use OxidEsales\Eshop\Core\Utils;
|
||||
|
||||
class d3_totp_utils_parent extends Utils { }
|
||||
}
|
@ -1,68 +1,68 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* This Software is the property of Data Development and is protected
|
||||
* by copyright law - it is NOT Freeware.
|
||||
* Any unauthorized use of this software without a valid license
|
||||
* is a violation of the license agreement and will be prosecuted by
|
||||
* civil and criminal law.
|
||||
* http://www.shopmodule.com
|
||||
*
|
||||
* @copyright (C) D3 Data Development (Inh. Thomas Dartsch)
|
||||
* @author D3 Data Development - Daniel Seifert <support@shopmodule.com>
|
||||
* @link http://www.oxidmodule.com
|
||||
*/
|
||||
|
||||
namespace D3\Totp\Modules\Core;
|
||||
|
||||
use D3\Totp\Application\Model\d3totp;
|
||||
use Doctrine\DBAL\DBALException;
|
||||
use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException;
|
||||
use OxidEsales\Eshop\Core\Registry;
|
||||
use OxidEsales\Eshop\Core\Session;
|
||||
|
||||
class d3_totp_utils extends d3_totp_utils_parent
|
||||
{
|
||||
/**
|
||||
* @return bool
|
||||
* @throws DBALException
|
||||
* @throws DatabaseConnectionException
|
||||
*/
|
||||
public function checkAccessRights()
|
||||
{
|
||||
$blAuth = parent::checkAccessRights();
|
||||
|
||||
$userID = $this->d3GetSessionObject()->getVariable("auth");
|
||||
$totpAuth = (bool) $this->d3GetSessionObject()->getVariable(d3totp::TOTP_SESSION_VARNAME);
|
||||
/** @var d3totp $totp */
|
||||
$totp = $this->d3GetTotpObject();
|
||||
$totp->loadByUserId($userID);
|
||||
|
||||
if ($blAuth && $totp->isActive() && false === $totpAuth) {
|
||||
$this->redirect('index.php?cl=login', true, 302);
|
||||
if (false == defined('OXID_PHP_UNIT')) {
|
||||
// @codeCoverageIgnoreStart
|
||||
exit;
|
||||
// @codeCoverageIgnoreEnd
|
||||
}
|
||||
}
|
||||
|
||||
return $blAuth;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return Session
|
||||
*/
|
||||
public function d3GetSessionObject()
|
||||
{
|
||||
return Registry::getSession();
|
||||
}
|
||||
|
||||
/**
|
||||
* @return d3totp
|
||||
*/
|
||||
public function d3GetTotpObject()
|
||||
{
|
||||
return oxNew(d3totp::class);
|
||||
}
|
||||
<?php
|
||||
|
||||
/**
|
||||
* This Software is the property of Data Development and is protected
|
||||
* by copyright law - it is NOT Freeware.
|
||||
* Any unauthorized use of this software without a valid license
|
||||
* is a violation of the license agreement and will be prosecuted by
|
||||
* civil and criminal law.
|
||||
* http://www.shopmodule.com
|
||||
*
|
||||
* @copyright (C) D3 Data Development (Inh. Thomas Dartsch)
|
||||
* @author D3 Data Development - Daniel Seifert <support@shopmodule.com>
|
||||
* @link http://www.oxidmodule.com
|
||||
*/
|
||||
|
||||
namespace D3\Totp\Modules\Core;
|
||||
|
||||
use D3\Totp\Application\Model\d3totp;
|
||||
use Doctrine\DBAL\DBALException;
|
||||
use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException;
|
||||
use OxidEsales\Eshop\Core\Registry;
|
||||
use OxidEsales\Eshop\Core\Session;
|
||||
|
||||
class d3_totp_utils extends d3_totp_utils_parent
|
||||
{
|
||||
/**
|
||||
* @return bool
|
||||
* @throws DBALException
|
||||
* @throws DatabaseConnectionException
|
||||
*/
|
||||
public function checkAccessRights()
|
||||
{
|
||||
$blAuth = parent::checkAccessRights();
|
||||
|
||||
$userID = $this->d3GetSessionObject()->getVariable("auth");
|
||||
$totpAuth = (bool) $this->d3GetSessionObject()->getVariable(d3totp::TOTP_SESSION_VARNAME);
|
||||
/** @var d3totp $totp */
|
||||
$totp = $this->d3GetTotpObject();
|
||||
$totp->loadByUserId($userID);
|
||||
|
||||
if ($blAuth && $totp->isActive() && false === $totpAuth) {
|
||||
$this->redirect('index.php?cl=login', true, 302);
|
||||
if (false == defined('OXID_PHP_UNIT')) {
|
||||
// @codeCoverageIgnoreStart
|
||||
exit;
|
||||
// @codeCoverageIgnoreEnd
|
||||
}
|
||||
}
|
||||
|
||||
return $blAuth;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return Session
|
||||
*/
|
||||
public function d3GetSessionObject()
|
||||
{
|
||||
return Registry::getSession();
|
||||
}
|
||||
|
||||
/**
|
||||
* @return d3totp
|
||||
*/
|
||||
public function d3GetTotpObject()
|
||||
{
|
||||
return oxNew(d3totp::class);
|
||||
}
|
||||
}
|