internalRedirect('settings/2fa'); } if (!self::checkFormSecurityToken('settings_2fa_password', 't')) { notice(L10n::t('Please enter your password to access this page.')); self::getApp()->internalRedirect('settings/2fa'); } } public static function post() { if (!local_user()) { return; } if (defaults($_POST, 'action', null) == 'verify') { self::checkFormSecurityTokenRedirectOnError('settings/2fa/verify', 'settings_2fa_verify'); $google2fa = new Google2FA(); $valid = $google2fa->verifyKey(PConfig::get(local_user(), '2fa', 'secret'), defaults($_POST, 'verify_code', '')); if ($valid) { PConfig::set(local_user(), '2fa', 'verified', true); Session::set('2fa', true); notice(L10n::t('Two-factor authentication successfully activated.')); self::getApp()->internalRedirect('settings/2fa'); } else { notice(L10n::t('Invalid code, please retry.')); } } } public static function content() { if (!local_user()) { return Login::form('settings/2fa/verify'); } parent::content(); $company = 'Friendica'; $holder = Session::get('my_address'); $secret = PConfig::get(local_user(), '2fa', 'secret'); $otpauthUrl = (new Google2FA())->getQRCodeUrl($company, $holder, $secret); $renderer = (new \BaconQrCode\Renderer\Image\Svg()) ->setHeight(256) ->setWidth(256); $writer = new Writer($renderer); $qrcode_image = str_replace('', '', $writer->writeString($otpauthUrl)); $shortOtpauthUrl = explode('?', $otpauthUrl)[0]; $manual_message = L10n::t('

Or you can submit the authentication settings manually:

Issuer
%s
Account Name
%s
Secret Key
%s
Type
Time-based
Number of digits
6
Hashing algorithm
SHA-1
', $company, $holder, $secret); return Renderer::replaceMacros(Renderer::getMarkupTemplate('settings/twofactor/verify.tpl'), [ '$form_security_token' => self::getFormSecurityToken('settings_2fa_verify'), '$password_security_token' => self::getFormSecurityToken('settings_2fa_password'), '$title' => L10n::t('Two-factor code verification'), '$help_label' => L10n::t('Help'), '$message' => L10n::t('

Please scan this QR Code with your authenticator app and submit the provided code.

'), '$qrcode_image' => $qrcode_image, '$qrcode_url_message' => L10n::t('

Or you can open the following URL in your mobile devicde:

%s

', $otpauthUrl, $shortOtpauthUrl), '$manual_message' => $manual_message, '$company' => $company, '$holder' => $holder, '$secret' => $secret, '$verify_code' => ['verify_code', L10n::t('Please enter a code from your authentication app'), '', '', 'required', 'autofocus placeholder="000000"'], '$verify_label' => L10n::t('Verify code and enable two-factor authentication'), ]); } }