32 abstract protected function authLoadView($viewName, $vars = [ ]):void;
34 abstract protected function useAjax():bool;
53 protected function has2FA($accountValue=
null):bool{
79 protected function getTokenSize():int{
90 return \bin2hex ( \random_bytes ($this->getTokenSize()));
107 return new \DateInterval(
'PT5M');
139 protected function check2FACode(
string $secret,
string $userInput):bool{
140 return $secret===$userInput;
146 #[\Ubiquity\attributes\items\router\NoRoute]
149 $fMessage =
new FlashMessage (
'Invalid 2FA code!',
'Two Factor Authentification',
'warning',
'warning circle' );
150 $this->twoFABadCodeMessage( $fMessage );
151 $message = $this->fMessage ( $fMessage,
'bad-code' );
152 $this->authLoadView ( $this->_getFiles ()->getViewBadTwoFACode(), [
'_message' => $message,
'url' => $this->getBaseUrl ().
'/sendNew2FACode',
'bodySelector' =>
'#bad-two-fa',
'_btCaption' =>
'Send new code' ] );
158 #[\Ubiquity\attributes\items\router\NoRoute]
160 $fMessage =
new FlashMessage(
'Enter the rescue code and validate.',
'Two factor Authentification',
'info',
'key' );
161 $this->twoFAMessage ( $fMessage );
162 $message = $this->fMessage ( $fMessage );
163 if($this->useAjax()){
164 $frm=$this->jquery->semantic()->htmlForm(
'frm-valid-code');
165 $frm->addExtraFieldRule(
'code',
'empty');
166 $frm->setValidationParams([
'inline'=>
true,
'on'=>
'blur']);
168 $this->authLoadView ( $this->_getFiles ()->getViewStepTwo(), [
'_message' => $message,
'submitURL' => $this->getBaseUrl ().
'/submitCode',
'bodySelector' => $this->_getBodySelector(),
'prefix'=>$this->towFACodePrefix() ] );
172 $code=$this->generate2FACode();
173 $expire=(new \DateTime())->add($this->twoFACodeDuration());
174 $codeInfos=USession::get(self::$TWO_FA_KEY,compact(
'code',
'expire'));
175 USession::set(self::$TWO_FA_KEY,$codeInfos);
184 #[\Ubiquity\attributes\items\router\Post]
186 if(URequest::isPost() && USession::exists(self::$TWO_FA_KEY)){
187 $twoFAInfos=USession::get(self::$TWO_FA_KEY);
188 $expired=$twoFAInfos[
'expire']<new \DateTime();
189 if(!$expired && $this->check2FACode($twoFAInfos[
'code'],URequest::post(
'code'))){
190 $this->onConnect(USession::get($this->_getUserSessionKey().
'-2FA'));
193 $this->_invalid=
true;
194 $this->initializeAuth();
195 $this->onBad2FACode();
196 $this->finalizeAuth();
202 $codeInfos=$this->save2FACode();
203 $this->_send2FACode($codeInfos[
'code'], USession::get($this->_getUserSessionKey().
'-2FA'));
207 if(USession::exists( $this->_getUserSessionKey().
'-2FA')) {
208 $this->send2FACode();
209 $fMessage =
new FlashMessage (
'A new code was submited.',
'Two factor Authentification',
'success',
'key');
210 $this->newTwoFACodeMessage($fMessage);
211 echo $this->fMessage($fMessage);
Ubiquity\controllers\auth$AuthFiles This class is part of Ubiquity.
has2FA($accountValue=null)
To override Returns true for a two factor authentification for this account.
fMessage(FlashMessage $fMessage, $id=null)
submitCode()
Submits the 2FA code in post request.
newTwoFACodeMessage(FlashMessage $fMessage)
To override.
twoFABadCodeMessage(FlashMessage $fMessage)
To override for modifying the message displayed if the 2FA code is bad.
authLoadView($viewName, $vars=[])
twoFACodeDuration()
Returns the default validity duration of a generated 2FA code.
_send2FACode(string $code, $connected)
To override Send the 2FA code to the user (email, sms, phone call...)
twoFAMessage(FlashMessage $fMessage)
To override for modifying the 2FA panel message.
check2FACode(string $secret, string $userInput)
To override for a more secure 2FA code.
onBad2FACode()
To override for defining a new action when 2FA code is invalid.
towFACodePrefix()
Returns the code prefix (which should not be entered by the user).
generate2FACode()
Generates a new random 2FA code.
Http Request utilities, wrapper for accessing to $_GET, $_POST and php://input.
Http Session utilities This class is part of Ubiquity.