initial implementation for frontend check

2019-08-02 00:23:21 +02:00 · 2019-08-02 00:23:21 +02:00 · 6731246784
parent d6d1f976dc
commit 6731246784
14 changed files with 164 additions and 78 deletions
--- a/src/Application/Controller/Admin/d3user_totp.php
+++ b/src/Application/Controller/Admin/d3user_totp.php
@ -31,7 +31,7 @@ class d3user_totp extends AdminDetailsController

    protected $_sThisTemplate = 'd3user_totp.tpl';

-    public $aBackupCodes = array();
+    public $aBackupCodes = [];

    /**
     * @return string
@ -104,6 +104,9 @@ class d3user_totp extends AdminDetailsController
        }
    }

+    /**
+     * @throws DatabaseConnectionException
+     */
    public function delete()
    {
        $aParams = Registry::getRequest()->getRequestEscapedParameter("editval");
--- a/src/Application/Controller/d3totplogin.php
+++ b/src/Application/Controller/d3totplogin.php
@ -28,13 +28,13 @@ class d3totplogin extends FrontendController
    public function render()
    {
        if (Registry::getSession()->hasVariable(d3totp::TOTP_SESSION_VARNAME) ||
-            false == Registry::getSession()->hasVariable('d3totpCurrentUser')
+            false == Registry::getSession()->hasVariable(d3totp::TOTP_SESSION_CURRENTUSER)
        ) {
            Registry::getUtils()->redirect('index.php?cl=start', true, 302);
            exit;
        }

-        $this->addTplParam('navFormParams', Registry::getSession()->getVariable('d3totpNavFormParams'));
+        $this->addTplParam('navFormParams', Registry::getSession()->getVariable(d3totp::TOTP_SESSION_NAVFORMPARAMS));

        return parent::render();
    }
@ -46,7 +46,7 @@ class d3totplogin extends FrontendController
    public function getBackupCodeCountMessage()
    {
        $oBackupCodeList = oxNew(d3backupcodelist::class);
-        $iCount = $oBackupCodeList->getAvailableCodeCount(Registry::getSession()->getVariable('d3totpCurrentUser'));
+        $iCount = $oBackupCodeList->getAvailableCodeCount(Registry::getSession()->getVariable(d3totp::TOTP_SESSION_CURRENTUSER));

        if ($iCount < 4) {
            return sprintf(
@ -60,12 +60,12 @@ class d3totplogin extends FrontendController

    public function getPreviousClass()
    {
-        return Registry::getSession()->getVariable('d3totpCurrentClass');
+        return Registry::getSession()->getVariable(d3totp::TOTP_SESSION_CURRENTCLASS);
    }

    public function previousClassIsOrderStep()
    {
-        $sClassKey = Registry::getSession()->getVariable('d3totpCurrentClass');
+        $sClassKey = Registry::getSession()->getVariable(d3totp::TOTP_SESSION_CURRENTCLASS);
        $resolvedClass = Registry::getControllerClassNameResolver()->getClassNameById($sClassKey);
        $resolvedClass = $resolvedClass ? $resolvedClass : 'start';

@ -73,4 +73,30 @@ class d3totplogin extends FrontendController
        $oController = oxNew($resolvedClass);
        return $oController->getIsOrderStep();
    }
+
+    /**
+     * @return bool
+     */
+    public function getIsOrderStep()
+    {
+        return $this->previousClassIsOrderStep();
+    }
+
+    /**
+     * Returns Bread Crumb - you are here page1/page2/page3...
+     *
+     * @return array
+     */
+    public function getBreadCrumb()
+    {
+        $aPaths = [];
+        $aPath = [];
+        $iBaseLanguage = Registry::getLang()->getBaseLanguage();
+        $aPath['title'] = Registry::getLang()->translateString('D3_TOTP_BREADCRUMB', $iBaseLanguage, false);
+        $aPath['link'] = $this->getLink();
+
+        $aPaths[] = $aPath;
+
+        return $aPaths;
+    }
 }
--- a/src/Application/Model/d3backupcode.php
+++ b/src/Application/Model/d3backupcode.php
@ -39,10 +39,10 @@ class d3backupcode extends BaseModel

        $sCode = $generator->generateString(6, Generator::CHAR_DIGITS);
        $this->assign(
-            array(
+            [
                'oxuserid'    => $sUserId,
                'backupcode' => $this->d3EncodeBC($sCode),
-            )
+            ]
        );

        return $sCode;
@ -68,7 +68,7 @@ class d3backupcode extends BaseModel
            return $this->getUser();
        }

-        $sUserId = Registry::getSession()->getVariable('d3totpCurrentUser');
+        $sUserId = Registry::getSession()->getVariable(d3totp::TOTP_SESSION_CURRENTUSER);
        $oUser = oxNew(User::class);
        $oUser->load($sUserId);
        return $oUser;
--- a/src/Application/Model/d3backupcodelist.php
+++ b/src/Application/Model/d3backupcodelist.php
@ -16,9 +16,7 @@
 namespace D3\Totp\Application\Model;

 use D3\Totp\Application\Controller\Admin\d3user_totp;
-use D3\Totp\Application\Model\d3backupcode;
 use Exception;
-use OxidEsales\Eshop\Application\Model\User;
 use OxidEsales\Eshop\Core\DatabaseProvider;
 use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException;
 use OxidEsales\Eshop\Core\Model\ListModel;
@ -35,7 +33,7 @@ class d3backupcodelist extends ListModel
     */
    protected $_sCoreTable = 'd3totp_backupcodes';

-    protected $_backupCodes = array();
+    protected $_backupCodes = [];

    /**
     * @param $sUserId
@ -134,13 +132,6 @@ class d3backupcodelist extends ListModel

    public function d3GetUser()
    {
-        if ($this->getUser()) {
-            return $this->getUser();
-        }
-
-        $sUserId = Registry::getSession()->getVariable('d3totpCurrentUser');
-        $oUser = oxNew(User::class);
-        $oUser->load($sUserId);
-        return $oUser;
+        return $this->getBaseObject()->d3GetUser();
    }
 }
--- a/src/Application/Model/d3totp.php
+++ b/src/Application/Model/d3totp.php
@ -29,7 +29,10 @@ use OxidEsales\Eshop\Core\Registry;

 class d3totp extends BaseModel
 {
-    const TOTP_SESSION_VARNAME = 'totp_auth';
+    const TOTP_SESSION_VARNAME          = 'totp_auth';
+    const TOTP_SESSION_CURRENTUSER      = 'd3totpCurrentUser';
+    const TOTP_SESSION_CURRENTCLASS     = 'd3totpCurrentClass';
+    const TOTP_SESSION_NAVFORMPARAMS    = 'd3totpNavFormParams';

    public $tableName = 'd3totp';
    public $userId;
@ -175,9 +178,9 @@ class d3totp extends BaseModel
    public function saveSecret($seed)
    {
        $this->assign(
-            array(
+            [
                'seed'  => $this->encrypt($seed)
-            )
+            ]
        );
    }

--- a/src/Application/translations/de/d3_totp_lang.php
+++ b/src/Application/translations/de/d3_totp_lang.php
@ -17,10 +17,14 @@

 $sLangName = "Deutsch";

-$aLang = array(
+$aLang = [
    'charset'                                => 'UTF-8',

-    'TOTP_INPUT'                             => 'Authentisierungscode',
-    'TOTP_INPUT_HELP'                        => 'Das Einmalpasswort erhalten Sie von der Zweifaktorauthentisierung-App auf Ihrem Gerät.',
-    'TOTP_CANCEL_LOGIN'                      => 'Anmeldung abbrechen',
-);
+    'D3_TOTP_INPUT'                          => 'Authentisierungscode',
+    'D3_TOTP_INPUT_HELP'                     => 'Das Einmalpasswort erhalten Sie von der Zweifaktorauthentisierung-App auf Ihrem Gerät.',
+    'D3_TOTP_SUBMIT_LOGIN'                   => 'Anmelden',
+    'D3_TOTP_CANCEL_LOGIN'                   => 'Anmeldung abbrechen',
+    'D3_TOTP_BREADCRUMB'                     => 'Einmalpasswort-Anmeldung',
+    'D3_TOTP_ERROR_UNVALID'                  => 'Das Einmalpasswort ist ungültig.',
+    'D3_TOTP_ACCOUNT'                        => '2-Faktor-Authentisierung',
+];
--- a/src/Application/views/blocks/page/account/inc/account_menu.tpl
+++ b/src/Application/views/blocks/page/account/inc/account_menu.tpl
@ -0,0 +1,4 @@
+[{$smarty.block.parent}]
+<li class="list-group-item[{if $active_link == "downloads"}] active[{/if}]">
+    <a href="[{oxgetseourl ident=$oViewConf->getSelfLink()|cat:"cl=d3_account_totp"}]" title="[{oxmultilang ident="D3_TOTP_ACCOUNT"}]">[{oxmultilang ident="D3_TOTP_ACCOUNT"}]</a>
+</li>
--- a/src/Application/views/tpl/d3totplogin.tpl
+++ b/src/Application/views/tpl/d3totplogin.tpl
@ -6,34 +6,40 @@
        [{include file="page/checkout/inc/steps.tpl" active=2}]
    [{/if}]

-    <form action="[{$oViewConf->getSelfActionLink()}]" method="post" name="login" id="login">
-        [{$oViewConf->getHiddenSid()}]
+    <div class="row">
+        <div class="col-xs-12 col-sm-10 col-md-6 col-sm-offset-1 col-md-offset-3 mainforms">
+            <form action="[{$oViewConf->getSelfActionLink()}]" method="post" name="login" id="login">
+                [{$oViewConf->getHiddenSid()}]

-        <input type="hidden" name="fnc" value="checkTotplogin">
-        <input type="hidden" name="cl" value="[{$oView->getPreviousClass()}]">
-        [{$navFormParams}]
+                <input type="hidden" name="fnc" value="checkTotplogin">
+                <input type="hidden" name="cl" value="[{$oView->getPreviousClass()}]">
+                [{$navFormParams}]

-        [{if $Errors.default|@count}]
-            [{include file="inc_error.tpl" Errorlist=$Errors.default}]
-        [{/if}]
+                [{if $Errors.default|@count}]
+                    [{include file="inc_error.tpl" Errorlist=$Errors.default}]
+                [{/if}]

-        [{$oView->getBackupCodeCountMessage()}]
+                [{$oView->getBackupCodeCountMessage()}]

-        <label for="d3totp">[{oxmultilang ident="TOTP_INPUT"}]</label>
-        <input type="text" name="d3totp" id="d3totp" value="" size="49" autofocus autocomplete="off"><br>
+                <label for="d3totp">[{oxmultilang ident="D3_TOTP_INPUT"}]</label>
+                <input type="text" name="d3totp" id="d3totp" value="" size="49" autofocus autocomplete="off"><br>

-        [{oxmultilang ident="TOTP_INPUT_HELP"}]
+                [{oxmultilang ident="D3_TOTP_INPUT_HELP"}]

-        [{* prevent cancel button (1st button) action when form is sent via Enter key *}]
-        <input type="submit" style="display:none !important;">
+                <input type="submit" value="[{oxmultilang ident="D3_TOTP_SUBMIT_LOGIN"}]" class="btn btn-primary"><br>
+            </form>
+            <form action="[{$oViewConf->getSelfActionLink()}]" method="post" name="login" id="login">
+                [{$oViewConf->getHiddenSid()}]

-        <input class="btn btn_cancel" value="[{oxmultilang ident="TOTP_CANCEL_LOGIN"}]" type="submit"
-               onclick="document.getElementById('login').fnc.value='d3CancelLogin'; document.getElementById('login').submit();"
-        >
-        <input type="submit">
-    </form>
+                <input type="hidden" name="fnc" value="cancelTotplogin">
+                <input type="hidden" name="cl" value="[{$oView->getPreviousClass()}]">
+                [{$navFormParams}]
+                <input class="btn btn_cancel" value="[{oxmultilang ident="D3_TOTP_CANCEL_LOGIN"}]" type="submit">
+            </form>
+        </div>
+    </div>

-    [{oxstyle include=$oViewConf->getModuleUrl('d3totp', 'out/admin/src/css/d3totplogin.css')}]
+    [{oxstyle include=$oViewConf->getModuleUrl('d3totp', 'out/flow/src/css/d3totplogin.css')}]
    [{oxstyle}]

    [{insert name="oxid_tracker" title=$template_title}]
--- a/src/IntelliSenseHelper.php
+++ b/src/IntelliSenseHelper.php
@ -15,29 +15,46 @@

 namespace D3\Totp\Modules\Application\Component
 {
-    class d3_totp_UserComponent_parent extends \OxidEsales\Eshop\Application\Component\UserComponent { }
+
+    use OxidEsales\Eshop\Application\Component\UserComponent;
+
+    class d3_totp_UserComponent_parent extends UserComponent { }
 }

 namespace D3\Totp\Modules\Application\Controller
 {
-    class d3_totp_UserController_parent extends \OxidEsales\Eshop\Application\Controller\UserController { }

-    class d3_totp_PaymentController_parent extends \OxidEsales\Eshop\Application\Controller\PaymentController { }
+    use OxidEsales\Eshop\Application\Controller\OrderController;
+    use OxidEsales\Eshop\Application\Controller\PaymentController;
+    use OxidEsales\Eshop\Application\Controller\UserController;

-    class d3_totp_OrderController_parent extends \OxidEsales\Eshop\Application\Controller\OrderController { }
+    class d3_totp_UserController_parent extends UserController { }
+
+    class d3_totp_PaymentController_parent extends PaymentController { }
+
+    class d3_totp_OrderController_parent extends OrderController { }
 }

 namespace D3\Totp\Modules\Application\Controller\Admin
 {
-    class d3_totp_LoginController_parent extends \OxidEsales\Eshop\Application\Controller\Admin\LoginController { }
+
+    use OxidEsales\Eshop\Application\Controller\Admin\LoginController;
+
+    class d3_totp_LoginController_parent extends LoginController { }
 }

 namespace D3\Totp\Modules\Application\Model
 {
-    class d3_totp_user_parent extends \OxidEsales\Eshop\Application\Model\User { }
+
+    use OxidEsales\Eshop\Application\Model\User;
+
+    class d3_totp_user_parent extends User { }
 }

 namespace D3\Totp\Modules\Core
 {
-    class d3_totp_utils_parent extends \OxidEsales\Eshop\Core\Utils { }
+
+    use OxidEsales\Eshop\Core\Utils;
+
+    class d3_totp_utils_parent extends Utils { }
 }
--- a/src/Modules/Application/Component/d3_totp_UserComponent.php
+++ b/src/Modules/Application/Component/d3_totp_UserComponent.php
@ -43,11 +43,11 @@ class d3_totp_UserComponent extends d3_totp_UserComponent_parent
                && false == Registry::getSession()->getVariable(d3totp::TOTP_SESSION_VARNAME)
            ) {
                Registry::getSession()->setVariable(
-                    'd3totpCurrentClass',
+                    d3totp::TOTP_SESSION_CURRENTCLASS,
                    $this->getParent()->getClassKey() != 'd3totplogin' ? $this->getParent()->getClassKey() : 'start');
-                Registry::getSession()->setVariable('d3totpCurrentUser', $oUser->getId());
+                Registry::getSession()->setVariable(d3totp::TOTP_SESSION_CURRENTUSER, $oUser->getId());
                Registry::getSession()->setVariable(
-                    'd3totpNavFormParams',
+                    d3totp::TOTP_SESSION_NAVFORMPARAMS,
                    $this->getParent()->getViewConfig()->getNavFormParams()
                );

@ -66,7 +66,7 @@ class d3_totp_UserComponent extends d3_totp_UserComponent_parent
    {
        $sTotp = Registry::getRequest()->getRequestEscapedParameter('d3totp', true);

-        $sUserId = Registry::getSession()->getVariable('d3totpCurrentUser');
+        $sUserId = Registry::getSession()->getVariable(d3totp::TOTP_SESSION_CURRENTUSER);
        $oUser = oxNew(User::class);
        $oUser->load($sUserId);

@ -87,13 +87,20 @@ class d3_totp_UserComponent extends d3_totp_UserComponent_parent
        return 'd3totplogin';
    }

+    public function cancelTotpLogin()
+    {
+        $this->d3TotpClearSessionVariables();
+
+        return false;
+    }
+
    /**
     * @param d3totp $totp
     * @return bool
     */
    public function isNoTotpOrNoLogin($totp)
    {
-        return false == Registry::getSession()->getVariable("d3totpCurrentUser")
+        return false == Registry::getSession()->getVariable(d3totp::TOTP_SESSION_CURRENTUSER)
            || false == $totp->isActive();
    }

@ -127,8 +134,8 @@ class d3_totp_UserComponent extends d3_totp_UserComponent_parent

    public function d3TotpClearSessionVariables()
    {
-        Registry::getSession()->deleteVariable('d3totpCurrentClass');
-        Registry::getSession()->deleteVariable('d3totpCurrentUser');
-        Registry::getSession()->deleteVariable('d3totpNavFormParams');
+        Registry::getSession()->deleteVariable(d3totp::TOTP_SESSION_CURRENTCLASS);
+        Registry::getSession()->deleteVariable(d3totp::TOTP_SESSION_CURRENTUSER);
+        Registry::getSession()->deleteVariable(d3totp::TOTP_SESSION_NAVFORMPARAMS);
    }
 }
--- a/src/Modules/Application/Controller/d3_totp_UserController.php
+++ b/src/Modules/Application/Controller/d3_totp_UserController.php
@ -15,10 +15,6 @@

 namespace D3\Totp\Modules\Application\Controller;

-use D3\Totp\Application\Model\d3backupcodelist;
-use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException;
-use OxidEsales\Eshop\Core\Registry;
-
 class d3_totp_UserController extends d3_totp_UserController_parent
 {
    use d3_totp_getUserTrait;
--- a/src/Modules/Application/Model/d3_totp_user.php
+++ b/src/Modules/Application/Model/d3_totp_user.php
@ -16,8 +16,6 @@
 namespace D3\Totp\Modules\Application\Model;

 use D3\Totp\Application\Model\d3totp;
-use Doctrine\DBAL\DBALException;
-use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException;
 use OxidEsales\Eshop\Core\Registry;

 class d3_totp_user extends d3_totp_user_parent
--- a/src/metadata.php
+++ b/src/metadata.php
@ -15,6 +15,15 @@
 * @link      http://www.oxidmodule.com
 */

+use D3\Totp\Application\Controller\Admin\d3user_totp;
+use D3\Totp\Application\Controller\d3totplogin;
+use D3\Totp\Modules\Application\Component\d3_totp_UserComponent;
+use D3\Totp\Modules\Application\Controller\Admin\d3_totp_LoginController;
+use D3\Totp\Modules\Application\Controller\d3_totp_OrderController;
+use D3\Totp\Modules\Application\Controller\d3_totp_PaymentController;
+use D3\Totp\Modules\Application\Controller\d3_totp_UserController;
+use D3\Totp\Modules\Application\Model\d3_totp_user;
+use D3\Totp\Modules\Core\d3_totp_utils;
 use D3\Totp\Setup as ModuleSetup;
 use D3\ModCfg\Application\Model\d3utils;
 use OxidEsales\Eshop\Application\Component\UserComponent;
@ -52,17 +61,17 @@ $aModule = [
    'email'         => 'support@shopmodule.com',
    'url'           => 'http://www.oxidmodule.com/',
    'extend'        => [
-        UserController::class              => \D3\Totp\Modules\Application\Controller\d3_totp_UserController::class,
-        PaymentController::class           => \D3\Totp\Modules\Application\Controller\d3_totp_PaymentController::class,
-        OrderController::class             => \D3\Totp\Modules\Application\Controller\d3_totp_OrderController::class,
-        OxidModel\User::class              => \D3\Totp\Modules\Application\Model\d3_totp_user::class,
-        LoginController::class             => \D3\Totp\Modules\Application\Controller\Admin\d3_totp_LoginController::class,
-        Utils::class                       => \D3\Totp\Modules\Core\d3_totp_utils::class,
-        UserComponent::class               => \D3\Totp\Modules\Application\Component\d3_totp_UserComponent::class,
+        UserController::class              => d3_totp_UserController::class,
+        PaymentController::class           => d3_totp_PaymentController::class,
+        OrderController::class             => d3_totp_OrderController::class,
+        OxidModel\User::class              => d3_totp_user::class,
+        LoginController::class             => d3_totp_LoginController::class,
+        Utils::class                       => d3_totp_utils::class,
+        UserComponent::class               => d3_totp_UserComponent::class,
    ],
    'controllers'           => [
-        'd3user_totp'       =>  \D3\Totp\Application\Controller\Admin\d3user_totp::class,
-        'd3totplogin'       =>  \D3\Totp\Application\Controller\d3totplogin::class
+        'd3user_totp'       =>  d3user_totp::class,
+        'd3totplogin'       =>  d3totplogin::class
    ],
    'templates'             => [
        'd3user_totp.tpl'   => 'd3/totp/Application/views/admin/tpl/d3user_totp.tpl',
@ -79,6 +88,11 @@ $aModule = [
            'template'      => 'login.tpl',
            'block'         => 'admin_login_form',
            'file'          => 'Application/views/admin/blocks/d3totp_login_admin_login_form.tpl',
+        ],
+        [
+            'template'      => 'page/account/inc/account_menu.tpl',
+            'block'         => 'account_menu',
+            'file'          => 'Application/views/blocks/page/account/inc/account_menu.tpl',
        ]
    ],
    'd3FileRegister'        => [
--- a/src/out/flow/src/css/d3totplogin.css
+++ b/src/out/flow/src/css/d3totplogin.css
@ -0,0 +1,17 @@
+#login {
+    display: flex;
+    flex-flow: column;
+}
+#login .btn.btn_cancel {
+    background: silver;
+    color: black;
+}
+
+.cl-d3totplogin .btn {
+    margin: 10px 0;
+}
+
+.cl-d3totplogin .mainforms {
+    margin-top: 20px;
+    margin-bottom: 20px;
+}