forked from D3Public/oxtotp
separate session var names between frontend and backend
This commit is contained in:
parent
d8be836ed7
commit
46ae7efa32
@ -60,7 +60,7 @@ class d3totpadminlogin extends AdminController
|
|||||||
$totp = $this->d3TotpGetTotpObject();
|
$totp = $this->d3TotpGetTotpObject();
|
||||||
$totp->loadByUserId($userId);
|
$totp->loadByUserId($userId);
|
||||||
|
|
||||||
return $this->d3TotpGetSession()->hasVariable(d3totp_conf::SESSION_AUTH) ||
|
return $this->d3TotpGetSession()->hasVariable(d3totp_conf::SESSION_ADMIN_AUTH) ||
|
||||||
!$totp->isActive();
|
!$totp->isActive();
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -70,7 +70,7 @@ class d3totpadminlogin extends AdminController
|
|||||||
protected function isTotpLoginNotPossible(): bool
|
protected function isTotpLoginNotPossible(): bool
|
||||||
{
|
{
|
||||||
return !$this->d3TotpGetSession()->hasVariable(d3totp_conf::OXID_ADMIN_AUTH) &&
|
return !$this->d3TotpGetSession()->hasVariable(d3totp_conf::OXID_ADMIN_AUTH) &&
|
||||||
!$this->d3TotpGetSession()->hasVariable(d3totp_conf::SESSION_CURRENTUSER);
|
!$this->d3TotpGetSession()->hasVariable(d3totp_conf::SESSION_ADMIN_CURRENTUSER);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -159,8 +159,8 @@ class d3totpadminlogin extends AdminController
|
|||||||
$session->initNewSession();
|
$session->initNewSession();
|
||||||
$session->setVariable("aAdminProfiles", $adminProfiles);
|
$session->setVariable("aAdminProfiles", $adminProfiles);
|
||||||
$session->setVariable(d3totp_conf::OXID_ADMIN_AUTH, $userId);
|
$session->setVariable(d3totp_conf::OXID_ADMIN_AUTH, $userId);
|
||||||
$session->setVariable(d3totp_conf::SESSION_AUTH, $userId);
|
$session->setVariable(d3totp_conf::SESSION_ADMIN_AUTH, $userId);
|
||||||
$session->deleteVariable(d3totp_conf::SESSION_CURRENTUSER);
|
$session->deleteVariable(d3totp_conf::SESSION_ADMIN_CURRENTUSER);
|
||||||
|
|
||||||
return "admin_start";
|
return "admin_start";
|
||||||
} catch (d3totp_wrongOtpException $e) {
|
} catch (d3totp_wrongOtpException $e) {
|
||||||
@ -179,7 +179,7 @@ class d3totpadminlogin extends AdminController
|
|||||||
*/
|
*/
|
||||||
public function d3TotpHasValidTotp(string $sTotp = null, d3totp $totp): bool
|
public function d3TotpHasValidTotp(string $sTotp = null, d3totp $totp): bool
|
||||||
{
|
{
|
||||||
return $this->d3TotpGetSession()->getVariable(d3totp_conf::SESSION_AUTH)
|
return $this->d3TotpGetSession()->getVariable(d3totp_conf::SESSION_ADMIN_AUTH)
|
||||||
|| $totp->verify($sTotp);
|
|| $totp->verify($sTotp);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
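Review bot: The signature `string $sTotp = null, d3totp $totp` keeps an optional parameter in front of a required one, so the `= null` default can never be used by a positional caller and the implicit-nullable form is the one PHP 8.4 deprecates; declare it as `public function d3TotpHasValidTotp(?string $sTotp, d3totp $totp): bool`, which accepts exactly the same calls. The body also returns true on the session flag alone without ever reaching `$totp->verify($sTotp)`, which is intended here, but deserves a one-line comment such as `// a completed admin totp step short-circuits verification for the rest of the session` so the next reader does not mistake it for a bypass.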
@ -17,7 +17,6 @@ namespace D3\Totp\Application\Controller\Admin;
|
|||||||
|
|
||||||
use D3\Totp\Application\Model\d3totp;
|
use D3\Totp\Application\Model\d3totp;
|
||||||
use D3\Totp\Application\Model\d3backupcodelist;
|
use D3\Totp\Application\Model\d3backupcodelist;
|
||||||
use D3\Totp\Application\Model\d3totp_conf;
|
|
||||||
use D3\Totp\Modules\Application\Model\d3_totp_user;
|
use D3\Totp\Modules\Application\Model\d3_totp_user;
|
||||||
use Exception;
|
use Exception;
|
||||||
use OxidEsales\Eshop\Application\Controller\Admin\AdminDetailsController;
|
use OxidEsales\Eshop\Application\Controller\Admin\AdminDetailsController;
|
||||||
|
@ -20,7 +20,6 @@ use OxidEsales\Eshop\Application\Model\User;
|
|||||||
use OxidEsales\Eshop\Core\DatabaseProvider;
|
use OxidEsales\Eshop\Core\DatabaseProvider;
|
||||||
use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException;
|
use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException;
|
||||||
use OxidEsales\Eshop\Core\Model\BaseModel;
|
use OxidEsales\Eshop\Core\Model\BaseModel;
|
||||||
use OxidEsales\Eshop\Core\Registry;
|
|
||||||
|
|
||||||
class d3backupcode extends BaseModel
|
class d3backupcode extends BaseModel
|
||||||
{
|
{
|
||||||
|
@ -17,10 +17,12 @@ namespace D3\Totp\Application\Model;
|
|||||||
|
|
||||||
class d3totp_conf
|
class d3totp_conf
|
||||||
{
|
{
|
||||||
public const OXID_ADMIN_AUTH = 'auth';
|
public const OXID_ADMIN_AUTH = 'auth';
|
||||||
public const OXID_FRONTEND_AUTH = 'usr';
|
public const OXID_FRONTEND_AUTH = 'usr';
|
||||||
public const SESSION_AUTH = 'd3TotpAuth'; // has valid totp, user is logged in completly
|
public const SESSION_AUTH = 'd3Totp_auth'; // has valid totp, user is logged in completly
|
||||||
public const SESSION_CURRENTUSER = 'd3TotpCurrentUser'; // oxid assigned to user from entered username
|
public const SESSION_CURRENTUSER = 'd3Totp_currentUser'; // oxid assigned to user from entered username
|
||||||
public const SESSION_CURRENTCLASS = 'd3TotpCurrentClass'; // oxid assigned to user from entered username
|
public const SESSION_CURRENTCLASS = 'd3Totp_currentClass'; // oxid assigned to user from entered username
|
||||||
public const SESSION_NAVFORMPARAMS = 'd3totpNavFormParams';
|
public const SESSION_NAVFORMPARAMS = 'd3Totp_navFormParams';
|
||||||
|
public const SESSION_ADMIN_AUTH = 'd3Totp_auth'; // has valid totp, user is logged in completly
|
||||||
|
public const SESSION_ADMIN_CURRENTUSER = 'd3Totp_currentUser'; // oxid assigned to user from entered username
|
||||||
}
|
}
|
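Review bot: The new constants do not separate anything at runtime: `SESSION_ADMIN_AUTH` is `'d3Totp_auth'`, the same string as the renamed `SESSION_AUTH`, and `SESSION_ADMIN_CURRENTUSER` equals `SESSION_CURRENTUSER`, so admin and frontend code still read and write the same two session keys, and a TOTP step completed in one context satisfies the check in the other whenever both contexts see the same session. Give the admin constants distinct values, e.g. `public const SESSION_ADMIN_AUTH = 'd3Totp_adminAuth';` and `public const SESSION_ADMIN_CURRENTUSER = 'd3Totp_adminCurrentUser';`. Until then the `isAdmin() ? d3totp_conf::SESSION_ADMIN_AUTH : d3totp_conf::SESSION_AUTH` selection in the d3_totp_getUserTrait hunk and the two added `deleteVariable` calls in the d3_totp_user logout hunk are no-ops. Separately, the comment on `SESSION_CURRENTCLASS` is copied from the line above and describes a user id rather than the class the constant names; it should be rewritten to say what that key actually stores (confirm with its writer), and "completly" in the two auth comments should read "completely". Note that changing the existing values from `d3TotpAuth`/`d3TotpCurrentUser` presumably invalidates any in-flight login sessions at deploy time; worth a line in the changelog.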
@ -63,7 +63,7 @@ class d3_totp_LoginController extends d3_totp_LoginController_parent
|
|||||||
$user = $this->d3TotpGetUserObject();
|
$user = $this->d3TotpGetUserObject();
|
||||||
$user->logout();
|
$user->logout();
|
||||||
|
|
||||||
$this->d3TotpGetSession()->setVariable(d3totp_conf::SESSION_CURRENTUSER, $userId);
|
$this->d3TotpGetSession()->setVariable(d3totp_conf::SESSION_ADMIN_CURRENTUSER, $userId);
|
||||||
return "d3totpadminlogin";
|
return "d3totpadminlogin";
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -77,7 +77,7 @@ class d3_totp_LoginController extends d3_totp_LoginController_parent
|
|||||||
public function d3TotpLoginMissing($totp)
|
public function d3TotpLoginMissing($totp)
|
||||||
{
|
{
|
||||||
return $totp->isActive()
|
return $totp->isActive()
|
||||||
&& false == $this->d3TotpGetSession()->getVariable(d3totp_conf::SESSION_AUTH);
|
&& false == $this->d3TotpGetSession()->getVariable(d3totp_conf::SESSION_ADMIN_AUTH);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
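Review bot: The comparison `false == $this->d3TotpGetSession()->getVariable(d3totp_conf::SESSION_ADMIN_AUTH)` is a loose boolean comparison, so it is true for `null`, `''`, `'0'`, `0` and `[]` alike; the intent is simply "flag is not set", which reads more honestly as `&& !$this->d3TotpGetSession()->getVariable(d3totp_conf::SESSION_ADMIN_AUTH);`. While touching the method, type it: `public function d3TotpLoginMissing(d3totp $totp): bool`, matching the `d3totp` hint already used in `d3TotpHasValidTotp`.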
@ -41,7 +41,8 @@ trait d3_totp_getUserTrait
|
|||||||
$totp->loadByUserId($oUser->getId());
|
$totp->loadByUserId($oUser->getId());
|
||||||
|
|
||||||
if ($totp->isActive()
|
if ($totp->isActive()
|
||||||
&& !$this->d3TotpGetSessionObject()->getVariable(d3totp_conf::SESSION_AUTH)
|
&& !$this->d3TotpGetSessionObject()->getVariable(
|
||||||
|
isAdmin() ? d3totp_conf::SESSION_ADMIN_AUTH : d3totp_conf::SESSION_AUTH)
|
||||||
) {
|
) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
@ -28,6 +28,8 @@ class d3_totp_user extends d3_totp_user_parent
|
|||||||
|
|
||||||
$this->d3TotpGetSession()->deleteVariable(d3totp_conf::SESSION_AUTH);
|
$this->d3TotpGetSession()->deleteVariable(d3totp_conf::SESSION_AUTH);
|
||||||
$this->d3TotpGetSession()->deleteVariable(d3totp_conf::SESSION_CURRENTUSER);
|
$this->d3TotpGetSession()->deleteVariable(d3totp_conf::SESSION_CURRENTUSER);
|
||||||
|
$this->d3TotpGetSession()->deleteVariable(d3totp_conf::SESSION_ADMIN_AUTH);
|
||||||
|
$this->d3TotpGetSession()->deleteVariable(d3totp_conf::SESSION_ADMIN_CURRENTUSER);
|
||||||
|
|
||||||
return $return;
|
return $return;
|
||||||
}
|
}
|
||||||
@ -53,10 +55,13 @@ class d3_totp_user extends d3_totp_user_parent
|
|||||||
*/
|
*/
|
||||||
public function d3TotpGetCurrentUser(): ?string
|
public function d3TotpGetCurrentUser(): ?string
|
||||||
{
|
{
|
||||||
return $this->d3TotpGetSession()->hasVariable(d3totp_conf::SESSION_CURRENTUSER) ?
|
return $this->isAdmin() ?
|
||||||
$this->d3TotpGetSession()->getVariable(d3totp_conf::SESSION_CURRENTUSER) :
|
($this->d3TotpGetSession()->hasVariable(d3totp_conf::SESSION_ADMIN_CURRENTUSER) ?
|
||||||
($this->isAdmin() ?
|
$this->d3TotpGetSession()->getVariable(d3totp_conf::SESSION_ADMIN_CURRENTUSER) :
|
||||||
$this->d3TotpGetSession()->getVariable(d3totp_conf::OXID_ADMIN_AUTH) :
|
$this->d3TotpGetSession()->getVariable(d3totp_conf::OXID_ADMIN_AUTH))
|
||||||
|
:
|
||||||
|
($this->d3TotpGetSession()->hasVariable(d3totp_conf::SESSION_CURRENTUSER) ?
|
||||||
|
$this->d3TotpGetSession()->getVariable(d3totp_conf::SESSION_CURRENTUSER) :
|
||||||
$this->d3TotpGetSession()->getVariable(d3totp_conf::OXID_FRONTEND_AUTH));
|
$this->d3TotpGetSession()->getVariable(d3totp_conf::OXID_FRONTEND_AUTH));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
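Review bot: The new body of `d3TotpGetCurrentUser` is a ternary nested two levels deep with its middle `:` on a line of its own, which makes the admin/frontend symmetry hard to see and easy to break on the next edit; the logic is "pick the key pair for the context, then prefer the pending-login user over the authenticated one", and reads better when written that way. The rewrite below is behaviour-identical and keeps the `?string` return.
```php
public function d3TotpGetCurrentUser(): ?string
{
    $session = $this->d3TotpGetSession();

    // admin and frontend keep their own pending-user and auth keys
    [$currentUserKey, $authKey] = $this->isAdmin()
        ? [d3totp_conf::SESSION_ADMIN_CURRENTUSER, d3totp_conf::OXID_ADMIN_AUTH]
        : [d3totp_conf::SESSION_CURRENTUSER, d3totp_conf::OXID_FRONTEND_AUTH];

    // a login still waiting for its totp step takes precedence over the authenticated user
    return $session->hasVariable($currentUserKey)
        ? $session->getVariable($currentUserKey)
        : $session->getVariable($authKey);
}
```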
@ -35,7 +35,7 @@ class d3_totp_utils extends d3_totp_utils_parent
|
|||||||
$blAuth = parent::checkAccessRights();
|
$blAuth = parent::checkAccessRights();
|
||||||
$blAuth = $this->d3AuthHook($blAuth);
|
$blAuth = $this->d3AuthHook($blAuth);
|
||||||
$userID = $this->d3TotpGetSessionObject()->getVariable("auth");
|
$userID = $this->d3TotpGetSessionObject()->getVariable("auth");
|
||||||
$totpAuth = (bool) $this->d3TotpGetSessionObject()->getVariable(d3totp_conf::SESSION_AUTH);
|
$totpAuth = (bool) $this->d3TotpGetSessionObject()->getVariable(d3totp_conf::SESSION_ADMIN_AUTH);
|
||||||
/** @var d3totp $totp */
|
/** @var d3totp $totp */
|
||||||
$totp = $this->d3GetTotpObject();
|
$totp = $this->d3GetTotpObject();
|
||||||
$totp->loadByUserId($userID);
|
$totp->loadByUserId($userID);
|
||||||
|
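Review bot: `$userID = $this->d3TotpGetSessionObject()->getVariable("auth");` reads the admin user id through a bare string literal while the line below it uses `d3totp_conf::SESSION_ADMIN_AUTH` and `d3totp_conf::OXID_ADMIN_AUTH` already exists with the value `'auth'`; use `$userID = $this->d3TotpGetSessionObject()->getVariable(d3totp_conf::OXID_ADMIN_AUTH);` so a future key change cannot leave this lookup behind. The enclosing `checkAccessRights` override starts and ends outside the hunk.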
@ -117,7 +117,7 @@ class d3totpadminloginTest extends d3TotpUnitTestCase
|
|||||||
])
|
])
|
||||||
->getMock();
|
->getMock();
|
||||||
$hasVariableMap = [
|
$hasVariableMap = [
|
||||||
[d3totp_conf::SESSION_AUTH, $hasAuthAlready]
|
[d3totp_conf::SESSION_ADMIN_AUTH, $hasAuthAlready]
|
||||||
];
|
];
|
||||||
$oSessionMock->method('hasVariable')->willReturnMap($hasVariableMap);
|
$oSessionMock->method('hasVariable')->willReturnMap($hasVariableMap);
|
||||||
|
|
||||||
@ -174,7 +174,7 @@ class d3totpadminloginTest extends d3TotpUnitTestCase
|
|||||||
->getMock();
|
->getMock();
|
||||||
$hasVariableMap = [
|
$hasVariableMap = [
|
||||||
[d3totp_conf::OXID_ADMIN_AUTH, $hasAdminAuth],
|
[d3totp_conf::OXID_ADMIN_AUTH, $hasAdminAuth],
|
||||||
[d3totp_conf::SESSION_CURRENTUSER, $hasCurrentUser],
|
[d3totp_conf::SESSION_ADMIN_CURRENTUSER, $hasCurrentUser],
|
||||||
];
|
];
|
||||||
$oSessionMock->method('hasVariable')->willReturnMap($hasVariableMap);
|
$oSessionMock->method('hasVariable')->willReturnMap($hasVariableMap);
|
||||||
|
|
||||||
@ -488,7 +488,7 @@ class d3totpadminloginTest extends d3TotpUnitTestCase
|
|||||||
*/
|
*/
|
||||||
public function hasValidTotpTrueSessionVarname()
|
public function hasValidTotpTrueSessionVarname()
|
||||||
{
|
{
|
||||||
Registry::getSession()->setVariable(d3totp_conf::SESSION_AUTH, true);
|
Registry::getSession()->setVariable(d3totp_conf::SESSION_ADMIN_AUTH, true);
|
||||||
|
|
||||||
/** @var d3totp|MockObject $oTotpMock */
|
/** @var d3totp|MockObject $oTotpMock */
|
||||||
$oTotpMock = $this->getMockBuilder(d3totp::class)
|
$oTotpMock = $this->getMockBuilder(d3totp::class)
|
||||||
@ -509,7 +509,7 @@ class d3totpadminloginTest extends d3TotpUnitTestCase
|
|||||||
*/
|
*/
|
||||||
public function hasValidTotpTrueValidTotp()
|
public function hasValidTotpTrueValidTotp()
|
||||||
{
|
{
|
||||||
Registry::getSession()->setVariable(d3totp_conf::SESSION_AUTH, false);
|
Registry::getSession()->setVariable(d3totp_conf::SESSION_ADMIN_AUTH, false);
|
||||||
|
|
||||||
/** @var d3totp|MockObject $oTotpMock */
|
/** @var d3totp|MockObject $oTotpMock */
|
||||||
$oTotpMock = $this->getMockBuilder(d3totp::class)
|
$oTotpMock = $this->getMockBuilder(d3totp::class)
|
||||||
@ -530,7 +530,7 @@ class d3totpadminloginTest extends d3TotpUnitTestCase
|
|||||||
*/
|
*/
|
||||||
public function hasValidTotpFalseMissingTotp()
|
public function hasValidTotpFalseMissingTotp()
|
||||||
{
|
{
|
||||||
Registry::getSession()->setVariable(d3totp_conf::SESSION_AUTH, false);
|
Registry::getSession()->setVariable(d3totp_conf::SESSION_ADMIN_AUTH, false);
|
||||||
|
|
||||||
/** @var d3totp|MockObject $oTotpMock */
|
/** @var d3totp|MockObject $oTotpMock */
|
||||||
$oTotpMock = $this->getMockBuilder(d3totp::class)
|
$oTotpMock = $this->getMockBuilder(d3totp::class)
|
||||||
@ -550,7 +550,7 @@ class d3totpadminloginTest extends d3TotpUnitTestCase
|
|||||||
*/
|
*/
|
||||||
public function hasValidTotpFalseUnverifiedTotp()
|
public function hasValidTotpFalseUnverifiedTotp()
|
||||||
{
|
{
|
||||||
Registry::getSession()->setVariable(d3totp_conf::SESSION_AUTH, false);
|
Registry::getSession()->setVariable(d3totp_conf::SESSION_ADMIN_AUTH, false);
|
||||||
|
|
||||||
/** @var d3totp|MockObject $oTotpMock */
|
/** @var d3totp|MockObject $oTotpMock */
|
||||||
$oTotpMock = $this->getMockBuilder(d3totp::class)
|
$oTotpMock = $this->getMockBuilder(d3totp::class)
|
||||||
|
@ -16,7 +16,6 @@ namespace D3\Totp\tests\unit\Application\Controller;
|
|||||||
use D3\TestingTools\Development\CanAccessRestricted;
|
use D3\TestingTools\Development\CanAccessRestricted;
|
||||||
use D3\Totp\Application\Controller\d3totplogin;
|
use D3\Totp\Application\Controller\d3totplogin;
|
||||||
use D3\Totp\Application\Model\d3backupcodelist;
|
use D3\Totp\Application\Model\d3backupcodelist;
|
||||||
use D3\Totp\Application\Model\d3totp;
|
|
||||||
use D3\Totp\Application\Model\d3totp_conf;
|
use D3\Totp\Application\Model\d3totp_conf;
|
||||||
use D3\Totp\tests\unit\d3TotpUnitTestCase;
|
use D3\Totp\tests\unit\d3TotpUnitTestCase;
|
||||||
use OxidEsales\Eshop\Core\Registry;
|
use OxidEsales\Eshop\Core\Registry;
|
||||||
|
@ -15,7 +15,6 @@ namespace D3\Totp\tests\unit\Application\Model;
|
|||||||
|
|
||||||
use D3\TestingTools\Development\CanAccessRestricted;
|
use D3\TestingTools\Development\CanAccessRestricted;
|
||||||
use D3\Totp\Application\Model\d3backupcode;
|
use D3\Totp\Application\Model\d3backupcode;
|
||||||
use D3\Totp\Application\Model\d3totp;
|
|
||||||
use D3\Totp\Application\Model\d3totp_conf;
|
use D3\Totp\Application\Model\d3totp_conf;
|
||||||
use D3\Totp\tests\unit\d3TotpUnitTestCase;
|
use D3\Totp\tests\unit\d3TotpUnitTestCase;
|
||||||
use OxidEsales\Eshop\Application\Model\User;
|
use OxidEsales\Eshop\Application\Model\User;
|
||||||
|
@ -193,7 +193,7 @@ class d3_totp_LoginControllerTest extends d3TotpUnitTestCase
|
|||||||
$oSessionMock = $this->getMockBuilder(Session::class)
|
$oSessionMock = $this->getMockBuilder(Session::class)
|
||||||
->onlyMethods(['getVariable'])
|
->onlyMethods(['getVariable'])
|
||||||
->getMock();
|
->getMock();
|
||||||
$oSessionMock->method('getVariable')->with(d3totp_conf::SESSION_AUTH)->willReturn($loggedin);
|
$oSessionMock->method('getVariable')->with(d3totp_conf::SESSION_ADMIN_AUTH)->willReturn($loggedin);
|
||||||
|
|
||||||
/** @var d3_totp_LoginController|MockObject $oControllerMock */
|
/** @var d3_totp_LoginController|MockObject $oControllerMock */
|
||||||
$oControllerMock = $this->getMockBuilder(d3_totp_LoginController::class)
|
$oControllerMock = $this->getMockBuilder(d3_totp_LoginController::class)
|
||||||
|
@ -123,6 +123,7 @@ class d3_totp_userTest extends d3TotpUnitTestCase
|
|||||||
$oSessionMock->expects($this->once())->method('hasVariable')->willReturn((bool) $currentUser);
|
$oSessionMock->expects($this->once())->method('hasVariable')->willReturn((bool) $currentUser);
|
||||||
$getVariableMap = [
|
$getVariableMap = [
|
||||||
[d3totp_conf::SESSION_CURRENTUSER, $currentUser],
|
[d3totp_conf::SESSION_CURRENTUSER, $currentUser],
|
||||||
|
[d3totp_conf::SESSION_ADMIN_CURRENTUSER, $currentUser],
|
||||||
[d3totp_conf::OXID_ADMIN_AUTH, $adminAuth],
|
[d3totp_conf::OXID_ADMIN_AUTH, $adminAuth],
|
||||||
[d3totp_conf::OXID_FRONTEND_AUTH, $frontendAuth],
|
[d3totp_conf::OXID_FRONTEND_AUTH, $frontendAuth],
|
||||||
];
|
];
|
||||||
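Review bot: The map now lists `d3totp_conf::SESSION_CURRENTUSER` and `d3totp_conf::SESSION_ADMIN_CURRENTUSER` as separate rows, but both constants currently hold `'d3Totp_currentUser'`, so the rows collapse to one key and the test cannot tell whether the admin branch reads the admin variable or the frontend one. Add a guard that would have caught this, e.g. `self::assertNotSame(d3totp_conf::SESSION_CURRENTUSER, d3totp_conf::SESSION_ADMIN_CURRENTUSER);` and the same for `SESSION_AUTH` / `SESSION_ADMIN_AUTH`, and give the two rows different fixture values so the `adm login request` and `frnt login request` cases in the data provider hunk below actually distinguish the branches. The enclosing test method starts outside the hunk.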
@ -152,9 +153,10 @@ class d3_totp_userTest extends d3TotpUnitTestCase
|
|||||||
public function d3TotpGetCurrentUserTestDataProvider(): array
|
public function d3TotpGetCurrentUserTestDataProvider(): array
|
||||||
{
|
{
|
||||||
return [
|
return [
|
||||||
'login request' => ['currentFixture', true, 'adminFixture', 'frontendFixture', 'currentFixture'],
|
'adm login request' => ['currentFixture', true, 'adminFixture', 'frontendFixture', 'currentFixture'],
|
||||||
'admin auth' => [null, true, 'adminFixture', 'frontendFixture', 'adminFixture'],
|
'frnt login request' => ['currentFixture', false, 'adminFixture', 'frontendFixture', 'currentFixture'],
|
||||||
'frontend auth' => [null, false, 'adminFixture', 'frontendFixture', 'frontendFixture'],
|
'admin auth' => [null, true, 'adminFixture', 'frontendFixture', 'adminFixture'],
|
||||||
|
'frontend auth' => [null, false, 'adminFixture', 'frontendFixture', 'frontendFixture'],
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|