2019-05-13 01:38:15 -04:00
< ? php
namespace Friendica\Module\Settings\TwoFactor ;
use Friendica\Core\Renderer ;
2019-12-15 16:34:11 -05:00
use Friendica\DI ;
2019-07-22 07:41:01 -04:00
use Friendica\Model\TwoFactor\RecoveryCode ;
2020-01-22 23:14:14 -05:00
use Friendica\Module\BaseSettings ;
2019-12-27 16:19:28 -05:00
use Friendica\Module\Security\Login ;
2019-05-13 01:38:15 -04:00
/**
* // Page 3: 2FA enabled but not verified, show recovery codes
*
* @ package Friendica\Module\TwoFactor
*/
2020-01-22 23:14:14 -05:00
class Recovery extends BaseSettings
2019-05-13 01:38:15 -04:00
{
2019-11-05 16:48:54 -05:00
public static function init ( array $parameters = [])
2019-05-13 01:38:15 -04:00
{
if ( ! local_user ()) {
return ;
}
2020-01-18 10:50:57 -05:00
$secret = DI :: pConfig () -> get ( local_user (), '2fa' , 'secret' );
2019-05-13 01:38:15 -04:00
if ( ! $secret ) {
2019-12-15 18:28:31 -05:00
DI :: baseUrl () -> redirect ( 'settings/2fa' );
2019-05-13 01:38:15 -04:00
}
if ( ! self :: checkFormSecurityToken ( 'settings_2fa_password' , 't' )) {
2020-01-18 14:52:34 -05:00
notice ( DI :: l10n () -> t ( 'Please enter your password to access this page.' ));
2019-12-15 18:28:31 -05:00
DI :: baseUrl () -> redirect ( 'settings/2fa' );
2019-05-13 01:38:15 -04:00
}
}
2019-11-05 16:48:54 -05:00
public static function post ( array $parameters = [])
2019-05-13 01:38:15 -04:00
{
if ( ! local_user ()) {
return ;
}
if ( ! empty ( $_POST [ 'action' ])) {
self :: checkFormSecurityTokenRedirectOnError ( 'settings/2fa/recovery' , 'settings_2fa_recovery' );
if ( $_POST [ 'action' ] == 'regenerate' ) {
2019-07-22 07:41:01 -04:00
RecoveryCode :: regenerateForUser ( local_user ());
2020-01-18 14:52:34 -05:00
notice ( DI :: l10n () -> t ( 'New recovery codes successfully generated.' ));
2019-12-15 18:28:31 -05:00
DI :: baseUrl () -> redirect ( 'settings/2fa/recovery?t=' . self :: getFormSecurityToken ( 'settings_2fa_password' ));
2019-05-13 01:38:15 -04:00
}
}
}
2019-11-05 16:48:54 -05:00
public static function content ( array $parameters = [])
2019-05-13 01:38:15 -04:00
{
if ( ! local_user ()) {
return Login :: form ( 'settings/2fa/recovery' );
}
2019-11-05 15:22:54 -05:00
parent :: content ( $parameters );
2019-05-13 01:38:15 -04:00
2019-07-22 07:41:01 -04:00
if ( ! RecoveryCode :: countValidForUser ( local_user ())) {
RecoveryCode :: generateForUser ( local_user ());
2019-05-13 01:38:15 -04:00
}
2019-07-22 07:41:01 -04:00
$recoveryCodes = RecoveryCode :: getListForUser ( local_user ());
2019-05-13 01:38:15 -04:00
2020-01-18 10:50:57 -05:00
$verified = DI :: pConfig () -> get ( local_user (), '2fa' , 'verified' );
2019-05-13 01:38:15 -04:00
return Renderer :: replaceMacros ( Renderer :: getMarkupTemplate ( 'settings/twofactor/recovery.tpl' ), [
2019-05-13 13:31:08 -04:00
'$form_security_token' => self :: getFormSecurityToken ( 'settings_2fa_recovery' ),
2019-05-13 01:38:15 -04:00
'$password_security_token' => self :: getFormSecurityToken ( 'settings_2fa_password' ),
2019-05-13 13:31:08 -04:00
2020-01-18 14:52:34 -05:00
'$title' => DI :: l10n () -> t ( 'Two-factor recovery codes' ),
'$help_label' => DI :: l10n () -> t ( 'Help' ),
'$message' => DI :: l10n () -> t ( '<p>Recovery codes can be used to access your account in the event you lose access to your device and cannot receive two-factor authentication codes.</p><p><strong>Put these in a safe spot!</strong> If you lose your device and don’ ),
2019-05-13 13:31:08 -04:00
'$recovery_codes' => $recoveryCodes ,
2020-01-18 14:52:34 -05:00
'$regenerate_message' => DI :: l10n () -> t ( 'When you generate new recovery codes, you must copy the new codes. Your old codes won’ ),
'$regenerate_label' => DI :: l10n () -> t ( 'Generate new recovery codes' ),
2019-05-13 13:31:08 -04:00
'$verified' => $verified ,
2020-01-18 14:52:34 -05:00
'$verify_label' => DI :: l10n () -> t ( 'Next: Verification' ),
2019-05-13 01:38:15 -04:00
]);
}
}
