Updates to the 2FA generation system

- Better QR code provider
- RFC 4226 compatibility
This commit is contained in:
Pinga 2024-02-26 15:24:20 +02:00
parent 6515bcda80
commit 63960eb57d
2 changed files with 19 additions and 7 deletions


@ -151,7 +151,7 @@ class Auth
if (!is_null($code) && $code !== "" && preg_match('/^\d{6}$/', $code)) { if (!is_null($code) && $code !== "" && preg_match('/^\d{6}$/', $code)) {
// If tfa_secret exists and is not empty, verify the 2FA code // If tfa_secret exists and is not empty, verify the 2FA code
$tfaService = new \RobThree\Auth\TwoFactorAuth('Namingo'); $tfaService = new \RobThree\Auth\TwoFactorAuth('Namingo');
if ($tfaService->verifyCode($tfa_secret, $code) === true) { if ($tfaService->verifyCode($tfa_secret, $code, 0) === true) {
// 2FA verification successful // 2FA verification successful
return true; return true;
} else { } else {
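Review bot: The third argument `0` passed to `verifyCode` on the changed line removes the library's default discrepancy of one time slice on either side, so a code is accepted only when the user's device and the server agree on the current (default 30-second) window, and a device clock a few seconds off near a boundary will have a correct code rejected. Confirm that is intended; it has no bearing on RFC 4226 compatibility, which concerns how the code is derived rather than how many windows are checked. A point the hunk does not address is replay: a code that has verified once still verifies for the rest of its slice, and `verifyCode` exposes the matched slice through its by-reference `$timeslice` parameter, so the caller can persist it and refuse any slice not newer than the last one accepted for that user. The enclosing method begins and ends outside the hunk, and which of the two printed variants is the new side is inferred, since the +/- markers were lost in rendering.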


@ -5,6 +5,8 @@ namespace App\Controllers;
use Psr\Http\Message\ResponseInterface as Response; use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request; use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Container\ContainerInterface; use Psr\Container\ContainerInterface;
use RobThree\Auth\TwoFactorAuth;
use RobThree\Auth\Providers\Qr\BaconQrCodeProvider;
class ProfileController extends Controller class ProfileController extends Controller
{ {
@ -26,8 +28,14 @@ class ProfileController extends Controller
$status = $_SESSION['auth_status']; $status = $_SESSION['auth_status'];
$db = $container->get('db'); $db = $container->get('db');
$tfa = new \RobThree\Auth\TwoFactorAuth('Namingo');
$secret = $tfa->createSecret(); $qrCodeProvider = new BaconQRCodeProvider($borderWidth = 4, $backgroundColour = '#ffffff', $foregroundColour = '#000000', $format = 'svg');
$tfa = new TwoFactorAuth(
issuer: "Namingo",
qrcodeprovider: $qrCodeProvider,
);
$secret = $tfa->createSecret(160, true);
$qrcodeDataUri = $tfa->getQRCodeImageAsDataUri($email, $secret); $qrcodeDataUri = $tfa->getQRCodeImageAsDataUri($email, $secret);
if ($status == 0) { if ($status == 0) {
@ -100,6 +108,7 @@ class ProfileController extends Controller
} }
try { try {
$db->beginTransaction();
$currentDateTime = new \DateTime(); $currentDateTime = new \DateTime();
$currentDate = $currentDateTime->format('Y-m-d H:i:s.v'); // Current timestamp $currentDate = $currentDateTime->format('Y-m-d H:i:s.v'); // Current timestamp
$db->insert( $db->insert(
@ -127,14 +136,17 @@ class ProfileController extends Controller
'id' => $userId 'id' => $userId
] ]
); );
$db->commit();
} catch (Exception $e) { } catch (Exception $e) {
return view($response,'admin/profile/profile.twig',['email' => $email, 'username' => $username, 'status' => $status, 'role' => $role, 'csrf_name' => $csrfName, 'csrf_value' => $csrfValue]); $db->rollBack();
$container->get('flash')->addMessage('error', 'Database failure: ' . $e->getMessage());
return $response->withHeader('Location', '/profile')->withStatus(302);
} }
$container->get('flash')->addMessage('success', '2FA for your user has been activated successfully');
return view($response,'admin/profile/profile.twig',['email' => $email, 'username' => $username, 'status' => $status, 'role' => $role, 'csrf_name' => $csrfName, 'csrf_value' => $csrfValue]); return $response->withHeader('Location', '/profile')->withStatus(302);
} }
} }
public function getRegistrationChallenge(Request $request, Response $response) public function getRegistrationChallenge(Request $request, Response $response)
{ {
$userName = $_SESSION['auth_username']; $userName = $_SESSION['auth_username'];
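Review bot: The new `$db->rollBack()` path in the last hunk only runs if `catch (Exception $e)` matches, and inside `namespace App\Controllers` the unqualified `Exception` resolves to `App\Controllers\Exception`; the use block in the first hunk imports no `Exception`, so unless one is imported above line 5 the catch is dead and a failed insert leaves the transaction open with the exception unhandled — change the context line to `} catch (\Exception $e) {`. The flash message `'Database failure: ' . $e->getMessage()` also sends driver error text to the browser; log `$e` server-side and show a fixed message such as `'Could not enable 2FA. Please try again.'`. Separately, `new BaconQRCodeProvider($borderWidth = 4, $backgroundColour = '#ffffff', ...)` in the second hunk assigns four local variables and passes them positionally rather than using named arguments; writing it as `new BaconQrCodeProvider(borderWidth: 4, backgroundColour: '#ffffff', foregroundColour: '#000000', format: 'svg')` matches the named-argument `TwoFactorAuth` construction directly below it and the casing of the imported class. The enclosing method begins before this hunk.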