2019-05-13 01:38:15 -04:00
< ? php
2020-02-09 09:45:36 -05:00
/**
2021-03-29 02:40:20 -04:00
* @ copyright Copyright ( C ) 2010 - 2021 , the Friendica project
2020-02-09 09:45:36 -05:00
*
* @ license GNU AGPL version 3 or any later version
*
* This program is free software : you can redistribute it and / or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation , either version 3 of the
* License , or ( at your option ) any later version .
*
* This program is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
* GNU Affero General Public License for more details .
*
* You should have received a copy of the GNU Affero General Public License
* along with this program . If not , see < https :// www . gnu . org / licenses />.
*
*/
2019-05-13 01:38:15 -04:00
namespace Friendica\Module\Settings\TwoFactor ;
use BaconQrCode\Renderer\Image\SvgImageBackEnd ;
use BaconQrCode\Renderer\ImageRenderer ;
use BaconQrCode\Renderer\RendererStyle\RendererStyle ;
use BaconQrCode\Writer ;
use Friendica\Core\Renderer ;
use Friendica\Core\Session ;
2019-12-15 16:34:11 -05:00
use Friendica\DI ;
2020-01-22 23:14:14 -05:00
use Friendica\Module\BaseSettings ;
2019-12-27 16:19:28 -05:00
use Friendica\Module\Security\Login ;
2019-05-13 01:38:15 -04:00
use PragmaRX\Google2FA\Google2FA ;
/**
* // Page 4: 2FA enabled but not verified, QR code and verification
*
* @ package Friendica\Module\TwoFactor\Settings
*/
2020-01-22 23:14:14 -05:00
class Verify extends BaseSettings
2019-05-13 01:38:15 -04:00
{
2019-11-05 16:48:54 -05:00
public static function init ( array $parameters = [])
2019-05-13 01:38:15 -04:00
{
if ( ! local_user ()) {
return ;
}
2020-01-18 10:50:57 -05:00
$secret = DI :: pConfig () -> get ( local_user (), '2fa' , 'secret' );
$verified = DI :: pConfig () -> get ( local_user (), '2fa' , 'verified' );
2019-05-13 01:38:15 -04:00
if ( $secret && $verified ) {
2019-12-15 18:28:31 -05:00
DI :: baseUrl () -> redirect ( 'settings/2fa' );
2019-05-13 01:38:15 -04:00
}
if ( ! self :: checkFormSecurityToken ( 'settings_2fa_password' , 't' )) {
2020-01-18 14:52:34 -05:00
notice ( DI :: l10n () -> t ( 'Please enter your password to access this page.' ));
2019-12-15 18:28:31 -05:00
DI :: baseUrl () -> redirect ( 'settings/2fa' );
2019-05-13 01:38:15 -04:00
}
}
2019-11-05 16:48:54 -05:00
public static function post ( array $parameters = [])
2019-05-13 01:38:15 -04:00
{
if ( ! local_user ()) {
return ;
}
2019-10-15 09:20:32 -04:00
if (( $_POST [ 'action' ] ? ? '' ) == 'verify' ) {
2019-05-13 01:38:15 -04:00
self :: checkFormSecurityTokenRedirectOnError ( 'settings/2fa/verify' , 'settings_2fa_verify' );
$google2fa = new Google2FA ();
2020-01-18 10:50:57 -05:00
$valid = $google2fa -> verifyKey ( DI :: pConfig () -> get ( local_user (), '2fa' , 'secret' ), $_POST [ 'verify_code' ] ? ? '' );
2019-05-13 01:38:15 -04:00
if ( $valid ) {
2020-01-18 10:54:50 -05:00
DI :: pConfig () -> set ( local_user (), '2fa' , 'verified' , true );
2019-05-13 01:38:15 -04:00
Session :: set ( '2fa' , true );
2020-09-07 06:17:42 -04:00
info ( DI :: l10n () -> t ( 'Two-factor authentication successfully activated.' ));
2019-05-13 01:38:15 -04:00
2019-12-15 18:28:31 -05:00
DI :: baseUrl () -> redirect ( 'settings/2fa' );
2019-05-13 01:38:15 -04:00
} else {
2020-01-18 14:52:34 -05:00
notice ( DI :: l10n () -> t ( 'Invalid code, please retry.' ));
2019-05-13 01:38:15 -04:00
}
}
}
2019-11-05 16:48:54 -05:00
public static function content ( array $parameters = [])
2019-05-13 01:38:15 -04:00
{
if ( ! local_user ()) {
return Login :: form ( 'settings/2fa/verify' );
}
2019-11-05 15:22:54 -05:00
parent :: content ( $parameters );
2019-05-13 01:38:15 -04:00
$company = 'Friendica' ;
$holder = Session :: get ( 'my_address' );
2020-01-18 10:50:57 -05:00
$secret = DI :: pConfig () -> get ( local_user (), '2fa' , 'secret' );
2019-05-13 01:38:15 -04:00
$otpauthUrl = ( new Google2FA ()) -> getQRCodeUrl ( $company , $holder , $secret );
$renderer = ( new \BaconQrCode\Renderer\Image\Svg ())
-> setHeight ( 256 )
-> setWidth ( 256 );
$writer = new Writer ( $renderer );
$qrcode_image = str_replace ( '<?xml version="1.0" encoding="UTF-8"?>' , '' , $writer -> writeString ( $otpauthUrl ));
$shortOtpauthUrl = explode ( '?' , $otpauthUrl )[ 0 ];
2020-01-18 14:52:34 -05:00
$manual_message = DI :: l10n () -> t ( ' < p > Or you can submit the authentication settings manually :</ p >
2019-05-13 01:38:15 -04:00
< dl >
< dt > Issuer </ dt >
< dd >% s </ dd >
< dt > Account Name </ dt >
< dd >% s </ dd >
< dt > Secret Key </ dt >
< dd >% s </ dd >
< dt > Type </ dt >
< dd > Time - based </ dd >
< dt > Number of digits </ dt >
< dd > 6 </ dd >
< dt > Hashing algorithm </ dt >
< dd > SHA - 1 </ dd >
</ dl > ' , $company , $holder , $secret );
return Renderer :: replaceMacros ( Renderer :: getMarkupTemplate ( 'settings/twofactor/verify.tpl' ), [
2019-05-13 13:31:08 -04:00
'$form_security_token' => self :: getFormSecurityToken ( 'settings_2fa_verify' ),
2019-05-13 01:38:15 -04:00
'$password_security_token' => self :: getFormSecurityToken ( 'settings_2fa_password' ),
2019-05-13 13:31:08 -04:00
2020-01-18 14:52:34 -05:00
'$title' => DI :: l10n () -> t ( 'Two-factor code verification' ),
'$help_label' => DI :: l10n () -> t ( 'Help' ),
'$message' => DI :: l10n () -> t ( '<p>Please scan this QR Code with your authenticator app and submit the provided code.</p>' ),
2019-05-13 13:31:08 -04:00
'$qrcode_image' => $qrcode_image ,
2020-09-04 08:17:58 -04:00
'$qrcode_url_message' => DI :: l10n () -> t ( '<p>Or you can open the following URL in your mobile device:</p><p><a href="%s">%s</a></p>' , $otpauthUrl , $shortOtpauthUrl ),
2019-05-13 13:31:08 -04:00
'$manual_message' => $manual_message ,
'$company' => $company ,
'$holder' => $holder ,
'$secret' => $secret ,
2019-05-13 01:38:15 -04:00
2020-12-21 00:25:21 -05:00
'$verify_code' => [ 'verify_code' , DI :: l10n () -> t ( 'Please enter a code from your authentication app' ), '' , '' , DI :: l10n () -> t ( 'Required' ), 'autofocus autocomplete="off" placeholder="000000"' ],
2020-01-18 14:52:34 -05:00
'$verify_label' => DI :: l10n () -> t ( 'Verify code and enable two-factor authentication' ),
2019-05-13 01:38:15 -04:00
]);
}
}