<?php |
|
/**
 * CodeIgniter-Aauth
 *
 * Aauth is a User Authorization Library for CodeIgniter 4.x, which aims to make
 * essential jobs such as login, permissions and access operations easy.
 * Despite its ease of use, it also has very advanced features like grouping,
 * access management, public access etc.
 *
 * @package   CodeIgniter-Aauth
 * @since     3.0.0
 * @author    Emre Akay
 * @author    Raphael "REJack" Jackstadt
 * @copyright 2014-2019 Emre Akay
 * @license   https://opensource.org/licenses/MIT   MIT License
 * @link      https://github.com/emreakay/CodeIgniter-Aauth
 */
|
|
|
namespace App\Libraries\Aauth; |
|
|
|
use \App\Models\Aauth\UserVariableModel; |
|
|
|
use OTPHP\TOTP as OTPHP_TOTP; |
|
|
|
/**
 * Aauth TOTP
 *
 * Class for handling 2-factor authentication with time-based one-time
 * passwords (TOTP)
 *
 * @package CodeIgniter-Aauth
 */
|
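class TOTP extends \App\Libraries\Aauth
{
    /**
     * Update User TOTP Secret
     *
     * Stores the shared secret as the user's `totp_secret` variable. When no
     * user id is passed, the id of the user held in the current session is
     * used instead.
     *
     * @param integer $userId User Id (falls back to the session user when empty)
     * @param string  $secret Secret Key
     *
     * @return boolean False when no user could be resolved, otherwise the
     *                 result of the save call
     */
    public function updateUserTotpSecret(int $userId = null, string $secret)
    {
        if (! $userId)
        {
            // `@` keeps the lookup quiet when there is no logged-in user;
            // the cast then yields 0.
            $userId = (int) @$this->session->user['id'];
        }

        // Without a resolved user there is nobody to enrol; do not write a
        // second-factor secret against user id 0.
        if (! $userId)
        {
            return false;
        }

        $userVariableModel = new UserVariableModel();

        return $userVariableModel->save($userId, 'totp_secret', $secret, true);
    }

    /**
     * Generate Unique TOTP Secret
     *
     * Draws fresh secrets from the OTP library until one is found that is not
     * already stored as a `totp_secret` system variable.
     *
     * @return string
     */
    public function generateUniqueTotpSecret()
    {
        $userVariableModel = new UserVariableModel();

        do
        {
            $secret = OTPHP_TOTP::create()->getSecret();

            // The lookup yields a row or nothing. The candidate is unique only
            // when nothing comes back; comparing the secret string with the
            // row itself can never be equal and would accept every candidate
            // without checking it.
            $existing = $userVariableModel->where(['data_key' => 'totp_secret', 'data_value' => $secret, 'system' => 1])->getFirstRow('array');
        }
        while (! empty($existing));

        return $secret;
    }

    /**
     * Generate TOTP QR Code
     *
     * Generate TOTP QR Code URI by Secret
     *
     * NOTE(review): getQrCodeUri() is called without a URI template, so the
     * OTP library's default is used. Presumably that default points at an
     * external QR rendering service and embeds the provisioning URI, i.e. the
     * secret, in the request; verify against the installed OTPHP version and
     * prefer rendering the QR code locally if so.
     *
     * @param string $secret Secret Key
     * @param string $label  Label set on the TOTP object before the URI is built
     *
     * @return string
     */
    public function generateTotpQrCode(string $secret, string $label = '')
    {
        $totp = OTPHP_TOTP::create($secret);
        $totp->setLabel($label);

        return $totp->getQrCodeUri();
    }

    /**
     * Verify user TOTP Code
     *
     * Checks the code against the user's stored `totp_secret`. The session's
     * `totp_required` flag is cleared only after a successful verification; a
     * wrong code, or a user without a stored secret, leaves it in place so the
     * second factor stays pending.
     *
     * No attempt limiting or code-reuse tracking happens in this method;
     * callers are expected to throttle repeated failures.
     *
     * @param integer $totpCode TOTP Code
     * @param integer $userId   User Id (falls back to the session user when empty)
     *
     * @return boolean
     */
    public function verifyUserTotpCode(int $totpCode, int $userId = null)
    {
        if (! $userId)
        {
            $userId = (int) @$this->session->user['id'];
        }

        $userVariableModel = new UserVariableModel();
        $totpSecret        = $userVariableModel->find($userId, 'totp_secret', true);

        if (! $totpSecret)
        {
            return false;
        }

        $totp = OTPHP_TOTP::create($totpSecret);

        // The code arrives as an integer, which drops leading zeros
        // ("012345" becomes 12345). Restore them so such codes can match the
        // fixed-width value the library compares against.
        $code = str_pad((string) $totpCode, $totp->getDigits(), '0', STR_PAD_LEFT);

        if (! $totp->verify($code))
        {
            // Keep `totp_required` set: clearing it here would let any wrong
            // code lift the second-factor requirement.
            return false;
        }

        // Assumes the session wrapper read by isTotpRequired() is backed by
        // $_SESSION['user'] - TODO confirm.
        unset($_SESSION['user']['totp_required']);

        return true;
    }

    /**
     * IS TOTP Required
     *
     * Checks if User need TOTP verification.
     *
     * @return boolean True while the session carries a truthy `totp_required` flag
     */
    public function isTotpRequired()
    {
        // `@` silences the notice raised when no user data is in the session.
        return (bool) @$this->session->user['totp_required'];
    }
}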