OTA improvements
This commit is contained in:
JonatanRek
51
app/controls/login.php
Normal file
51
app/controls/login.php
Normal file
@@ -0,0 +1,51 @@
|
||||
<?php
|
||||
global $userManager;
|
||||
|
||||
|
||||
if (
|
||||
isset($_POST['username']) &&
|
||||
$_POST['username'] != '' &&
|
||||
isset($_POST['password']) &&
|
||||
$_POST['password'] != ''
|
||||
){
|
||||
$ota = false;
|
||||
$userName = $_POST['username'];
|
||||
$userPassword = $_POST['password'];
|
||||
$rememberMe = (isset ($_POST['remember']) ? $_POST['remember'] : "");
|
||||
$ota = $userManager->haveOtaEnabled($userName);
|
||||
if ($ota == "") {
|
||||
$landingPage = $userManager->login($userName, $userPassword, $rememberMe);
|
||||
header('Location: ' . BASEDIR . $landingPage);
|
||||
die();
|
||||
}
|
||||
|
||||
$_SESSION['USERNAME'] = $userName;
|
||||
$_SESSION['PASSWORD'] = $userPassword;
|
||||
$_SESSION['REMEMBER'] = $rememberMe;
|
||||
$_SESSION['OTA'] = $ota;
|
||||
} else if (
|
||||
isset($_POST['otaCode']) &&
|
||||
$_POST['otaCode'] != ''
|
||||
) {
|
||||
|
||||
$otaCode = $_POST['otaCode'];
|
||||
$otaSecret = $_POST['otaSecret'];
|
||||
|
||||
$ga = new PHPGangsta_GoogleAuthenticator();
|
||||
$ota = $_SESSION['OTA'];
|
||||
$userName = $_SESSION['USERNAME'];
|
||||
$userPassword = $_SESSION['PASSWORD'];
|
||||
$rememberMe = $_SESSION['REMEMBER'];
|
||||
unset($_SESSION['OTA']);
|
||||
$checkResult = $ga->verifyCode($otaSecret, $otaCode, 2); // 2 = 2*30sec clock tolerance
|
||||
if ($checkResult) {
|
||||
$landingPage = $userManager->login($userName, $userPassword, $rememberMe);
|
||||
header('Location: ' . BASEDIR . $landingPage);
|
||||
echo 'OK';
|
||||
} else {
|
||||
echo 'FAILED';
|
||||
}
|
||||
//TODO: upravi a ověřit jeslti ja zabezpečené
|
||||
//TODO:
|
||||
die();
|
||||
}
|
||||
29
app/controls/setting.php
Normal file
29
app/controls/setting.php
Normal file
@@ -0,0 +1,29 @@
|
||||
<?php
|
||||
if (isset($_POST) && !empty($_POST)){
|
||||
if (isset($_POST['submitPasswordChange']) && $_POST['submitPasswordChange'] != "") {
|
||||
$oldPassword = $_POST['oldPassword'];
|
||||
$newPassword = $_POST['newPassword1'];
|
||||
$newPassword2 = $_POST['newPassword2'];
|
||||
UserManager::changePassword($oldPassword, $newPassword, $newPassword2);
|
||||
header('Location: ' . BASEDIR . 'logout');
|
||||
die();
|
||||
} else if (isset($_POST['submitCreateUser']) && $_POST['submitCreateUser'] != "") {
|
||||
$userName = $_POST['userName'];
|
||||
$password = $_POST['userPassword'];
|
||||
UserManager::createUser($userName, $password);
|
||||
header('Location: ' . BASEDIR . 'setting');
|
||||
die();
|
||||
} else if (isset($_POST['submitEnableOta']) && $_POST['submitEnableOta'] != "") {
|
||||
echo $otaCode = $_POST['otaCode'];
|
||||
echo $otaSecret = $_POST['otaSecret'];
|
||||
|
||||
|
||||
$ga = new PHPGangsta_GoogleAuthenticator();
|
||||
$checkResult = $ga->verifyCode($otaSecret, $otaCode, 2); // 2 = 2*30sec clock tolerance
|
||||
if ($checkResult) {
|
||||
UserManager::setOta($otaCode, $otaSecret);
|
||||
}
|
||||
header('Location: ' . BASEDIR . 'setting');
|
||||
die();
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user