make compatible to TOTP library v0.9, save password for decoding the seed
parent
0a528f993b
commit
ad2085c603
@ -27,6 +27,8 @@ use OxidEsales\Eshop\Core\Registry;
|
|||||||
|
|
||||||
class d3totp extends BaseModel
|
class d3totp extends BaseModel
|
||||||
{
|
{
|
||||||
|
const TOTP_SESSION_VARNAME = 'totp_auth';
|
||||||
|
|
||||||
public $tableName = 'd3totp';
|
public $tableName = 'd3totp';
|
||||||
public $userId;
|
public $userId;
|
||||||
public $totp;
|
public $totp;
|
||||||
@ -89,6 +91,7 @@ class d3totp extends BaseModel
|
|||||||
public function getSavedSecret()
|
public function getSavedSecret()
|
||||||
{
|
{
|
||||||
$secret = $this->getFieldData('seed');
|
$secret = $this->getFieldData('seed');
|
||||||
|
$sPwd = Registry::getSession()->getVariable('pwdTransmit');
|
||||||
|
|
||||||
if ($secret) {
|
if ($secret) {
|
||||||
return $secret;
|
return $secret;
|
||||||
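Review bot: `$sPwd` is read from the session on the new line but nothing visible in this hunk consumes it, and the `if ($secret) { return $secret; }` that follows still returns the stored seed untouched, so if the password is meant to decode the seed (as the commit message says) that decoding is not happening on this path; if it happens further down, confirm it is actually reachable for a stored seed. getSavedSecret's body continues outside the hunk. Whatever the decoding step is, it should handle a missing `pwdTransmit` explicitly rather than deriving a seed from null, and it should delete the session entry once the seed has been decoded, e.g. `Registry::getSession()->deleteVariable('pwdTransmit');`, so the plaintext password does not outlive that single use.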
@ -103,19 +106,38 @@ class d3totp extends BaseModel
|
|||||||
public function getTotp()
|
public function getTotp()
|
||||||
{
|
{
|
||||||
if (false == $this->totp) {
|
if (false == $this->totp) {
|
||||||
$this->totp = oxNew(
|
|
||||||
TOTP::class,
|
if ($this->getTotpLibVersion() == 8) { // version 0.8 (< PHP 7.1)
|
||||||
$this->getUser()->getFieldData('oxusername')
|
$this->totp = oxNew(
|
||||||
|
TOTP::class,
|
||||||
|
$this->getUser()->getFieldData('oxusername')
|
||||||
|
? $this->getUser()->getFieldData('oxusername')
|
||||||
|
: null,
|
||||||
|
$this->getSavedSecret()
|
||||||
|
);
|
||||||
|
} else { // version 0.9 (>= PHP 7.1)
|
||||||
|
$this->totp = TOTP::create($this->getSavedSecret());
|
||||||
|
$this->totp->setLabel($this->getUser()->getFieldData('oxusername')
|
||||||
? $this->getUser()->getFieldData('oxusername')
|
? $this->getUser()->getFieldData('oxusername')
|
||||||
: null,
|
: null
|
||||||
$this->getSavedSecret()
|
);
|
||||||
);
|
}
|
||||||
$this->totp->setIssuer(Registry::getConfig()->getActiveShop()->getFieldData('oxname'));
|
$this->totp->setIssuer(Registry::getConfig()->getActiveShop()->getFieldData('oxname'));
|
||||||
}
|
}
|
||||||
|
|
||||||
return $this->totp;
|
return $this->totp;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @return int
|
||||||
|
*/
|
||||||
|
public function getTotpLibVersion()
|
||||||
|
{
|
||||||
|
return method_exists(TOTP::class, 'create') ?
|
||||||
|
9 :
|
||||||
|
8;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
|
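Review bot: Both branches of the new version switch build the label from the same `$this->getUser()->getFieldData('oxusername') ? ... : null` ternary; hoisting it once above the `if` as `$sLabel = $this->getUser()->getFieldData('oxusername') ?: null;` (identical semantics) removes the duplication and the repeated user lookups, and the check should read `=== 8` since getTotpLibVersion() is documented to return an int. Separately, `TOTP::create($this->getSavedSecret())` passes through whatever getSavedSecret() returns; if that can be null or empty, confirm how the 0.9 library treats it, because a factory that generates a fresh random secret on null would silently produce a verifier that never matches the user's enrolled device. The docblock on getTotpLibVersion only says `@return int`; a sentence on what the probe means would help, e.g. `Detects the installed TOTP library API by probing for TOTP::create(): 9 = static factory (v0.9), 8 = constructor-based (v0.8).`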
@ -1,4 +1,5 @@
|
|||||||
[{if $request_totp}]
|
[{if $request_totp}]
|
||||||
|
<input autocomplete="false" name="hidden" type="text" style="display:none;">
|
||||||
[{$oViewConf->getHiddenSid()}]
|
[{$oViewConf->getHiddenSid()}]
|
||||||
|
|
||||||
<input type="hidden" name="fnc" value="checklogin">
|
<input type="hidden" name="fnc" value="checklogin">
|
||||||
|
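Review bot: `autocomplete="false"` on the new decoy input is not a value the HTML `autocomplete` attribute defines (the recognised tokens are `on`, `off` or a field name), so browsers may ignore it and the decoy may not absorb autofill as intended; use `autocomplete="off"`. Because the field carries `name="hidden"` it is also submitted with the form as an empty `hidden` parameter, so drop the `name` attribute unless something server-side reads it. The enclosing `[{if $request_totp}]` block runs past the hunk.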
@ -39,7 +39,7 @@ class d3_totp_LoginController extends d3_totp_LoginController_parent
|
|||||||
|
|
||||||
if ($auth
|
if ($auth
|
||||||
&& $totp->UserUseTotp()
|
&& $totp->UserUseTotp()
|
||||||
&& false == Registry::getSession()->getVariable("totp_auth")
|
&& false == Registry::getSession()->getVariable(d3totp::TOTP_SESSION_VARNAME)
|
||||||
) {
|
) {
|
||||||
// set auth as secured parameter;
|
// set auth as secured parameter;
|
||||||
Registry::getSession()->setVariable("auth", $auth);
|
Registry::getSession()->setVariable("auth", $auth);
|
||||||
@ -61,13 +61,17 @@ class d3_totp_LoginController extends d3_totp_LoginController_parent
|
|||||||
$totp = oxNew(d3totp::class);
|
$totp = oxNew(d3totp::class);
|
||||||
$totp->loadByUserId(Registry::getSession()->getVariable("auth"));
|
$totp->loadByUserId(Registry::getSession()->getVariable("auth"));
|
||||||
|
|
||||||
|
if (Registry::getRequest()->getRequestParameter('pwd')) {
|
||||||
|
Registry::getSession()->setVariable('pwdTransmit', Registry::getRequest()->getRequestParameter('pwd'));
|
||||||
|
}
|
||||||
|
|
||||||
$return = 'login';
|
$return = 'login';
|
||||||
|
|
||||||
try {
|
try {
|
||||||
if ($this->isNoTotpOrNoLogin($totp)) {
|
if ($this->isNoTotpOrNoLogin($totp)) {
|
||||||
$return = parent::checklogin();
|
$return = parent::checklogin();
|
||||||
} elseif ($this->hasValidTotp($sTotp, $totp)) {
|
} elseif ($this->hasValidTotp($sTotp, $totp)) {
|
||||||
Registry::getSession()->setVariable('totp_auth', $sTotp);
|
Registry::getSession()->setVariable(d3totp::TOTP_SESSION_VARNAME, $sTotp);
|
||||||
$return = "admin_start";
|
$return = "admin_start";
|
||||||
}
|
}
|
||||||
} catch (d3totp_wrongOtpException $oEx) {
|
} catch (d3totp_wrongOtpException $oEx) {
|
||||||
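Review bot: The new block stores the submitted plaintext password in the server-side session (`pwdTransmit`) on every checklogin call, before any credential or TOTP check, and nothing in this commit removes it again — the logout hunk further down only deletes `d3totp::TOTP_SESSION_VARNAME`. The value should be written only on the path that needs it (the TOTP branch), deleted right after the seed has been decoded, and deleted in the logout handler and on a failed login next to the TOTP flag, e.g. `Registry::getSession()->deleteVariable('pwdTransmit');`. The truthiness test `if (Registry::getRequest()->getRequestParameter('pwd'))` also drops a password of `"0"`; compare explicitly: `$sPwd = Registry::getRequest()->getRequestParameter('pwd'); if ($sPwd !== null && $sPwd !== '') { ... }`. checklogin's body starts and ends outside the hunk.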
@ -95,7 +99,7 @@ class d3_totp_LoginController extends d3_totp_LoginController_parent
|
|||||||
*/
|
*/
|
||||||
public function hasValidTotp($sTotp, $totp)
|
public function hasValidTotp($sTotp, $totp)
|
||||||
{
|
{
|
||||||
return Registry::getSession()->getVariable("totp_auth") ||
|
return Registry::getSession()->getVariable(d3totp::TOTP_SESSION_VARNAME) ||
|
||||||
(
|
(
|
||||||
$sTotp && $totp->verify($sTotp)
|
$sTotp && $totp->verify($sTotp)
|
||||||
);
|
);
|
||||||
|
@ -15,6 +15,7 @@
|
|||||||
|
|
||||||
namespace D3\Totp\Modules\Application\Model;
|
namespace D3\Totp\Modules\Application\Model;
|
||||||
|
|
||||||
|
use D3\Totp\Application\Model\d3totp;
|
||||||
use OxidEsales\Eshop\Core\Registry;
|
use OxidEsales\Eshop\Core\Registry;
|
||||||
|
|
||||||
class d3_totp_user extends d3_totp_user_parent
|
class d3_totp_user extends d3_totp_user_parent
|
||||||
@ -24,7 +25,7 @@ class d3_totp_user extends d3_totp_user_parent
|
|||||||
$return = parent::logout();
|
$return = parent::logout();
|
||||||
|
|
||||||
// deleting session info
|
// deleting session info
|
||||||
Registry::getSession()->deleteVariable('totp_auth');
|
Registry::getSession()->deleteVariable(d3totp::TOTP_SESSION_VARNAME);
|
||||||
|
|
||||||
return $return;
|
return $return;
|
||||||
}
|
}
|
||||||
|
@ -32,7 +32,7 @@ class d3_totp_utils extends d3_totp_utils_parent
|
|||||||
$blAuth = parent::checkAccessRights();
|
$blAuth = parent::checkAccessRights();
|
||||||
|
|
||||||
$userID = Registry::getSession()->getVariable("auth");
|
$userID = Registry::getSession()->getVariable("auth");
|
||||||
$totpAuth = (bool) Registry::getSession()->getVariable("totp_auth");
|
$totpAuth = (bool) Registry::getSession()->getVariable(d3totp::TOTP_SESSION_VARNAME);
|
||||||
/** @var d3totp $totp */
|
/** @var d3totp $totp */
|
||||||
$totp = oxNew(d3totp::class);
|
$totp = oxNew(d3totp::class);
|
||||||
$totp->loadByUserId($userID);
|
$totp->loadByUserId($userID);
|
||||||
|
@ -81,7 +81,7 @@ $aModule = [
|
|||||||
// `OXID` CHAR(32) NOT NULL,
|
// `OXID` CHAR(32) NOT NULL,
|
||||||
// `OXUSERID` CHAR(32) NOT NULL,
|
// `OXUSERID` CHAR(32) NOT NULL,
|
||||||
// `USETOTP` TINYINT(1) NOT NULL DEFAULT '0',
|
// `USETOTP` TINYINT(1) NOT NULL DEFAULT '0',
|
||||||
// `SEED` VARCHAR(100) NOT NULL DEFAULT '0',
|
// `SEED` VARCHAR(125) NOT NULL DEFAULT '0',
|
||||||
// PRIMARY KEY (`OXID`),
|
// PRIMARY KEY (`OXID`),
|
||||||
// UNIQUE INDEX `Schl<68>ssel 2` (`OXUSERID`)
|
// UNIQUE INDEX `Schl<68>ssel 2` (`OXUSERID`)
|
||||||
//)
|
//)
|
||||||
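Review bot: The widened `SEED VARCHAR(125)` only changes a commented-out CREATE TABLE in the module metadata; nothing visible in this commit alters the live column, so if the stored seed now grows past 100 characters (presumably an encoded or encrypted form) it would be truncated or rejected by the database unless a matching schema change exists elsewhere. If the real DDL lives in another file, a one-line pointer next to this block, e.g. `// schema reference only — the live table is created/altered in <installer file>`, would keep the two from drifting.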
|