Fixes in double auth
parent
b4f758f0b5
commit
b37316ce64
4 changed files with 81 additions and 11 deletions
|
|
@ -3,16 +3,13 @@
|
||||||
{
|
{
|
||||||
|
|
||||||
"type": "vcs",
|
"type": "vcs",
|
||||||
"url": "git@bitbucket.org:phangoapp/phamodels.git"
|
"url": "https://git.cuchulu.com/phangoapp/wpdo"
|
||||||
|
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"minimum-stability": "dev",
|
"minimum-stability": "dev",
|
||||||
"prefer-stable": true,
|
"prefer-stable": true,
|
||||||
"require-dev": {
|
|
||||||
"phpunit/phpunit": "^10.4"
|
|
||||||
},
|
|
||||||
"require": {
|
"require": {
|
||||||
"phangoapp/phamodels": "dev-master"
|
"phangoapp/wpdo": "dev-master"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
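Review bot: The new `phangoapp/wpdo` requirement is pinned to `dev-master` on a VCS repository, so every install without a committed lock file resolves to whatever that branch head is at the moment, and a later push to that repository changes this project's code with no change visible here. Prefer a tag or a commit reference, `"phangoapp/wpdo": "dev-master#<commit-sha>"`, and keep `composer.lock` under version control so the resolved revision is reviewable. The `require-dev` block with `phpunit/phpunit` is dropped as well; if the test suite still exists, it now has no declared runner.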
@ -3,6 +3,9 @@
|
||||||
//use PhangoApp\PhaView\View;
|
//use PhangoApp\PhaView\View;
|
||||||
use PhangoApp\WPDO\WPDO;
|
use PhangoApp\WPDO\WPDO;
|
||||||
use PhangoApp\PhaRouter\Url;
|
use PhangoApp\PhaRouter\Url;
|
||||||
|
use PHPMailer\PHPMailer\PHPMailer;
|
||||||
|
use PHPMailer\PHPMailer\SMTP;
|
||||||
|
use PHPMailer\PHPMailer\Exception;
|
||||||
//use PhangoApp\PhaModels\Webmodel;
|
//use PhangoApp\PhaModels\Webmodel;
|
||||||
|
|
||||||
//include('./modules/admin/libraries/login.php');
|
//include('./modules/admin/libraries/login.php');
|
||||||
|
|
@ -103,14 +106,20 @@ class AppController extends TplController{
|
||||||
|
|
||||||
$error=0;
|
$error=0;
|
||||||
|
|
||||||
$_SESSION['admin_login']=1;
|
$_SESSION['admin_login']=$arr_user['id'];
|
||||||
$_SESSION['date_login']=date("Y-m-d H:i:s");
|
$_SESSION['date_login']=date("Y-m-d H:i:s");
|
||||||
|
|
||||||
if($arr_user['double_auth']) {
|
if($arr_user['double_auth']) {
|
||||||
|
|
||||||
$_SESSION['double_auth']=1;
|
$_SESSION['double_auth']=1;
|
||||||
|
|
||||||
$this->db->update('useradmin', ['auth_token' => PhangoApp\PhaUtils\Utils::get_token(25)], 'where id=?', [$arr_user['id']]);
|
$auth_code=PhangoApp\PhaUtils\Utils::get_token(12);
|
||||||
|
|
||||||
|
$this->db->update('useradmin', ['auth_token' => password_hash($auth_code, PASSWORD_DEFAULT)], 'where id=?', [$arr_user['id']]);
|
||||||
|
|
||||||
|
// Send email
|
||||||
|
|
||||||
|
$this->send_mail_auth(PhangoApp\PhaRouter\Config::$email_site, PhangoApp\PhaRouter\Config::$portal_name, $arr_user['email'], $arr_user['username'], $auth_code);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -261,9 +270,32 @@ class AppController extends TplController{
|
||||||
if($this->check_login()) {
|
if($this->check_login()) {
|
||||||
|
|
||||||
if($_SERVER['REQUEST_METHOD']=='POST') {
|
if($_SERVER['REQUEST_METHOD']=='POST') {
|
||||||
|
|
||||||
|
|
||||||
|
$this->db->connect();
|
||||||
|
|
||||||
|
$error=1;
|
||||||
|
|
||||||
|
$error_form['auth_code_error']='';
|
||||||
|
|
||||||
|
$auth_code=$_POST['auth_code'] ?? '';
|
||||||
|
//($table, $fields, $where_sql='', $values=[])
|
||||||
|
//$arr_tries=$this->db->select_a_row('login_tries', [], 'WHERE ip=?', [$ip]);
|
||||||
|
$arr_user=$this->db->select_a_row('useradmin', [], 'WHERE id=?', [$_SESSION['admin_login']]);
|
||||||
|
|
||||||
|
if(password_verify($auth_code, $arr_user['auth_token'])) {
|
||||||
|
|
||||||
|
unset($_SESSION['double_auth']);
|
||||||
|
$error=0;
|
||||||
|
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
|
||||||
|
$error_form['auth_code_error']='Sorry, auth code wrong';
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
echo $this->json(['error' => $error, 'error_form' => $error_form]);
|
||||||
|
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
|
||||||
|
|
@ -288,4 +320,40 @@ class AppController extends TplController{
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private function send_mail_auth($email_from, $portal_name, $email_to, $name, $auth_code) {
|
||||||
|
|
||||||
|
$mail=new PHPMailer(true);
|
||||||
|
|
||||||
|
|
||||||
|
try {
|
||||||
|
|
||||||
|
//$mail->SMTPDebug = SMTP::DEBUG_SERVER; //Enable verbose debug output
|
||||||
|
$mail->isSMTP(); //Send using SMTP
|
||||||
|
$mail->Host=\PhangoApp\PhaRouter\Config::$data['smtp_host']; //Set the SMTP server to send through
|
||||||
|
$mail->SMTPAuth=true; //Enable SMTP authentication
|
||||||
|
$mail->Username=PhangoApp\PhaRouter\Config::$data['smtp_username']; //SMTP username
|
||||||
|
$mail->Password=PhangoApp\PhaRouter\Config::$data['smtp_password']; //SMTP password
|
||||||
|
$mail->SMTPSecure=PHPMailer::ENCRYPTION_STARTTLS; //Enable implicit TLS encryption
|
||||||
|
$mail->Port=PhangoApp\PhaRouter\Config::$data['smtp_port'] ?? 587; //TCP port to connect to; use 587 if you have set `SMTPSecure = PHPMailer::ENCRYPTION_STARTTLS`
|
||||||
|
$mail->CharSet='UTF-8';
|
||||||
|
|
||||||
|
$auth_code=PhangoApp\PhaUtils\Utils::get_token(25);
|
||||||
|
|
||||||
|
$mail->setFrom($email_from, $portal_name);
|
||||||
|
$mail->addAddress($email_to, $name);
|
||||||
|
|
||||||
|
$mail->Subject = 'Code for complete login';
|
||||||
|
$mail->Body = 'We send to you a code for activate your account using double authentication: '.$auth_code;
|
||||||
|
|
||||||
|
$mail->send();
|
||||||
|
|
||||||
|
}
|
||||||
|
catch (Exception $e) {
|
||||||
|
//echo "Message could not be sent. Mailer Error: {$mail->ErrorInfo}";
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
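Review bot: `send_mail_auth` reassigns `$auth_code=PhangoApp\PhaUtils\Utils::get_token(25);` just before `setFrom`, replacing the code the caller passed in, so the value written into `$mail->Body` is never the one `login` stored with `password_hash`, and the `password_verify` in `check_auth` cannot succeed; delete that assignment. The method also returns `false` only from the `catch` and nothing from the success path, and the call in `login` discards the result, so a failed send is invisible to the user, who is then left at the code prompt — add `return true;` after `$mail->send();` and branch on it at the call site, `if(!$this->send_mail_auth(...)) { /* report */ }`, or let the PHPMailer `Exception` propagate to a handler. In the `check_auth` hunk (whose enclosing method begins before the hunk) the hashed code is never cleared after a successful `password_verify`, and neither an expiry nor an attempt limit is applied even though `$_SESSION['date_login']` is recorded at login and the commented `login_tries` lookup shows one was intended, so a code stays replayable until the next login; clear `auth_token` on success and reject codes older than the intended window. If `select_a_row` can return a non-array for a stale `$_SESSION['admin_login']`, guard `$arr_user['auth_token']` before the `password_verify` call.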
@ -1,7 +1,7 @@
|
||||||
<?=$this->layout('login_tpl', ['title' => $title])?>
|
<?=$this->layout('login_tpl', ['title' => $title])?>
|
||||||
<?=$this->start('content')?>
|
<?=$this->start('content')?>
|
||||||
<form method="post" name="auth_submit" id="auth_submit">
|
<form method="post" name="auth_submit" id="auth_submit">
|
||||||
<p style="padding: 0px 10px;">You have 5 minutes for put the code sended to your email.</p>
|
<p align="center" style="padding: 0px 10px;"><?=_('Check your email for get instructions for complete login with double auth or')?> <a href="<?=$this->make_url('admin', 'app', ['logout'])?>">logout</a> and login again with other user</p>
|
||||||
<p><label for="auth_code"></label><input type="text" name="auth_code" id="auth_code_form" placeholder="<?=_('Code')?>"/></p>
|
<p><label for="auth_code"></label><input type="text" name="auth_code" id="auth_code_form" placeholder="<?=_('Code')?>"/></p>
|
||||||
<p class="error" id="auth_code_error"></p>
|
<p class="error" id="auth_code_error"></p>
|
||||||
<?=PhangoApp\PhaUtils\Utils::set_csrf_key($name_token='csrf_token', $length_token=80)?>
|
<?=PhangoApp\PhaUtils\Utils::set_csrf_key($name_token='csrf_token', $length_token=80)?>
|
||||||
|
|
@ -21,7 +21,7 @@
|
||||||
$('#loader-wrapper').show();
|
$('#loader-wrapper').show();
|
||||||
|
|
||||||
$.ajax({
|
$.ajax({
|
||||||
url: "<?=$this->make_url('admin', 'app', ['login'])?>",
|
url: "<?=$this->make_url('admin', 'app', ['check_auth'])?>",
|
||||||
method: "POST",
|
method: "POST",
|
||||||
dataType: "json",
|
dataType: "json",
|
||||||
data: {'auth_code': $('#auth_code_form').val()},
|
data: {'auth_code': $('#auth_code_form').val()},
|
||||||
|
|
@ -43,7 +43,7 @@
|
||||||
|
|
||||||
$('#csrf_token').attr('value', data.csrf_token);
|
$('#csrf_token').attr('value', data.csrf_token);
|
||||||
|
|
||||||
$('#auth_code_error').html(data.error_form.username_error);
|
$('#auth_code_error').html(data.error_form.auth_code_error);
|
||||||
}
|
}
|
||||||
|
|
||||||
},
|
},
|
||||||
|
|
|
||||||
|
|
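Review bot: `$('#auth_code_error').html(data.error_form.auth_code_error)` injects the server's error text as HTML; the message is a fixed string today (`'Sorry, auth code wrong'` in `check_auth`), but `.text()` keeps the element from interpreting markup should the message ever include request data, so prefer `$('#auth_code_error').text(data.error_form.auth_code_error);`. The reworded paragraph also drops the previous hint that the code is only valid for a limited time; if an expiry is enforced server-side the template should still say so, and if it is not, that is worth fixing on the backend rather than in the copy.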
@ -23,6 +23,11 @@ class Config {
|
||||||
|
|
||||||
static public $on_proxy=false;
|
static public $on_proxy=false;
|
||||||
|
|
||||||
|
static public $portal_name='Website name';
|
||||||
|
|
||||||
|
static public $email_site='';
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/*Examples
|
/*Examples
|
||||||
|
|
|
||||||
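Review bot: `$email_site` defaults to `''`, and it is the value `login` passes as the From address into `send_mail_auth`; PHPMailer's `setFrom` rejects an invalid address and, with `new PHPMailer(true)`, throws, so an unconfigured deployment silently fails to send the double-auth code inside the `catch`. Either document the property as required, `/** Sender address for system mail; must be set before double auth is enabled. */`, or validate it where the configuration is loaded so the misconfiguration surfaces at startup rather than at the user's login.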