
added totp ability & updated tests

v3-dev
REJack 6 years ago
parent
commit
83d10aceb3
No known key found for this signature in database
GPG Key ID: 4A44B48700429F46
  1. 121
      app/Libraries/Aauth.php
  2. 12
      tests/Aauth/Libraries/Aauth/AccessTest.php

121
app/Libraries/Aauth.php

@ -285,60 +285,62 @@ class Aauth
return false; return false;
} }
// if ($this->config->totpEnabled && ! $this->config->totpOnIpChange && $this->config->totpLogin) if ($this->config->totpEnabled)
// { {
// if ($this->config->totpLogin == true) $totpSecret = $userVariableModel->find($user['id'], 'totp_secret', true);
// { $request = \Config\Services::request();
// $this->session->set('totp_required', true);
// } if ($this->config->totpLogin)
{
// $totp_secret = $userVariableModel->find($user['id'], 'totp_secret', true); if (! $this->config->totpOnIpChange)
// if ( ! empty($totp_secret) && ! $totp_code) { {
// $this->error(lang('Aauth.requiredTOTPCode')); if (! empty($totpSecret) && ! $totpCode)
// return false; {
// } else { $this->error(lang('Aauth.requiredTOTPCode'));
// if( ! empty($totp_secret)){
// $this->CI->load->helper('googleauthenticator'); return false;
// $ga = new PHPGangsta_GoogleAuthenticator(); }
// $checkResult = $ga->verifyCode($totp_secret, $totp_code, 0); else if (! $this->verifyUserTotpCode($totpCode, $user['id']))
// if ( ! $checkResult) { {
// $this->error(lang('Aauth.invalidTOTPCode')); $this->error(lang('Aauth.invalidTOTPCode'));
// return false;
// } return false;
// } }
// } }
// } else if ($this->config->totpOnIpChange)
// else if ($this->config->totpEnabled && $this->config->totpOnIpChange) {
// { if ($request->getIPAddress() !== $lastIpAddress)
// $query = null; {
// $query = $this->aauth_db->where($db_identifier, $identifier); if (! empty($totpSecret) && ! $totpCode)
// $query = $this->aauth_db->get($this->config->users); {
// $totp_secret = $query->row()->totp_secret; $this->error(lang('Aauth.requiredTOTPCode'));
// $ip_address = $query->row()->ip_address;
// $current_ip_address = $this->CI->input->ip_address(); return false;
// if ($query->num_rows() > 0 AND !$totp_code) { }
// if($ip_address != $current_ip_address ){ else if (! $this->verifyUserTotpCode($totpCode, $user['id']))
// if($this->config->totpLogin == false){ {
// $this->error(lang('Aauth.aauth_error_totp_code_required')); $this->error(lang('Aauth.invalidTOTPCode'));
// return false;
// } else if($this->config->totpLogin == true){ return false;
// $this->session->set('totp_required', true); }
// } }
// } }
// }else { }
// if(!empty($totp_secret)){ else if (! $this->config->totpLogin)
// if($ip_address != $current_ip_address ){ {
// $this->CI->load->helper('googleauthenticator'); if (! $this->config->totpOnIpChange)
// $ga = new PHPGangsta_GoogleAuthenticator(); {
// $checkResult = $ga->verifyCode($totp_secret, $totp_code, 0); $this->session->set('totp_required', true);
// if (!$checkResult) { }
// $this->error(lang('Aauth.aauth_error_totp_code_invalid')); else if ($this->config->totpOnIpChange)
// return false; {
// } if ($request->getIPAddress() !== $lastIpAddress)
// } {
// } $this->session->set('totp_required', true);
// } }
// } }
}
}
if (password_verify($password, $user['password'])) if (password_verify($password, $user['password']))
{ {
@ -592,10 +594,13 @@ class Aauth
*/ */
public function isAllowed($permPar, int $userId = null) public function isAllowed($permPar, int $userId = null)
{ {
// if($this->CI->session->userdata('totp_required')){ if ($this->config->totpEnabled && ! $this->config->totpLogin)
// $this->error($this->CI->lang->line('aauth_error_totp_verification_required')); {
// redirect($this->config_vars['totp_two_step_login_redirect']); if ($this->isTotpRequired())
// } {
return redirect()->to($this->config->totpLink);
}
}
$userModel = new UserModel(); $userModel = new UserModel();
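Review bot: In `isAllowed()` the new TOTP guard returns a `RedirectResponse` from a method the tests otherwise treat as returning a boolean, so a caller written as `if ($this->aauth->isAllowed('perm'))` gets a truthy object and would grant access while the second factor is still pending. A permission check should fail closed here, e.g. `if ($this->isTotpRequired()) { return false; }`, with the redirect to `$this->config->totpLink` issued by a controller or filter that can actually return a response. The guard is also skipped whenever `totpLogin` is on, and `isTotpRequired()` is not visible in this hunk, so its handling of users without a `totp_secret` should be confirmed. Separately, in the login hunk the TOTP branches (including `$this->session->set('totp_required', true)` and the distinct `requiredTOTPCode` / `invalidTOTPCode` errors) run before `password_verify()`, which reveals TOTP enrolment and code validity to someone who does not know the password; moving the block after a successful password check would close that. Both function bodies continue outside the hunks shown.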

12
tests/Aauth/Libraries/Aauth/AccessTest.php

@ -159,6 +159,18 @@ class AccessTest extends CIDatabaseTestCase
$this->assertTrue($this->library->isAllowed('testPerm1')); $this->assertTrue($this->library->isAllowed('testPerm1'));
$session->remove('user'); $session->remove('user');
$config->totpEnabled = true;
$session = $this->getInstance();
$this->library = new Aauth($config, $session);
$session->set('user', [
'id' => 1,
'loggedIn' => true,
'totp_required' => true,
]);
$this->assertTrue($this->library->isAllowed('testPerm1') instanceof \CodeIgniter\HTTP\RedirectResponse);
$session->remove('user');
$this->assertFalse($this->library->isAllowed('testPerm99', 2)); $this->assertFalse($this->library->isAllowed('testPerm99', 2));
$this->assertFalse($this->library->isAllowed('testPerm1', 99)); $this->assertFalse($this->library->isAllowed('testPerm1', 99));
} }
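Review bot: The added assertion pins `isAllowed()` to returning a truthy `RedirectResponse` when TOTP is pending, so the test cannot catch a caller that uses the result as a boolean and grants access. If the mixed return type is kept, assert it with `$this->assertInstanceOf(\CodeIgniter\HTTP\RedirectResponse::class, $this->library->isAllowed('testPerm1'));` and add `$this->assertNotTrue(...)` on the same call to document that it never equals `true`. A complementary case with `totpEnabled` on and `'totp_required' => false` should still assert `true`, otherwise the guard could block every user unnoticed. `$config->totpEnabled` is left set for the two assertions that follow, and `totp_required` is stored inside the `user` array; whether `isTotpRequired()` reads it from there is not visible in this hunk. The test method starts outside the hunk.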
