zydronium/getnamingo-registry
1
0
Fork 0
mirror of https://github.com/getnamingo/registry.git synced 2025-07-22 18:45:59 +02:00
Code Issues Projects Releases Packages Wiki Activity

Updates in 2FA generation system

Browse source 
- Better QR code provider
- RFC 4226 compatibility
This commit is contained in:
Pinga 2024-02-26 15:24:20 +02:00
parent 6515bcda80
commit 63960eb57d
2 changed files with 19 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

2
cp/app/Auth/Auth.php
View file

@ -151,7 +151,7 @@ class Auth
if (!is_null($code) && $code !== "" && preg_match('/^\d{6}$/', $code)) {
// If tfa_secret exists and is not empty, verify the 2FA code
$tfaService = new \RobThree\Auth\TwoFactorAuth('Namingo');
if ($tfaService->verifyCode($tfa_secret, $code) === true) {
if ($tfaService->verifyCode($tfa_secret, $code, 0) === true) {
// 2FA verification successful
return true;
} else {

24
cp/app/Controllers/ProfileController.php
View file

@ -5,6 +5,8 @@ namespace App\Controllers;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Container\ContainerInterface;
use RobThree\Auth\TwoFactorAuth;
use RobThree\Auth\Providers\Qr\BaconQrCodeProvider;
class ProfileController extends Controller
{
@ -26,8 +28,14 @@ class ProfileController extends Controller
$status = $_SESSION['auth_status'];
$db = $container->get('db');
$tfa = new \RobThree\Auth\TwoFactorAuth('Namingo');
$secret = $tfa->createSecret();
$qrCodeProvider = new BaconQRCodeProvider($borderWidth = 4, $backgroundColour = '#ffffff', $foregroundColour = '#000000', $format = 'svg');
$tfa = new TwoFactorAuth(
issuer: "Namingo",
qrcodeprovider: $qrCodeProvider,
);
$secret = $tfa->createSecret(160, true);
$qrcodeDataUri = $tfa->getQRCodeImageAsDataUri($email, $secret);
if ($status == 0) {
@ -100,6 +108,7 @@ class ProfileController extends Controller
}
try {
$db->beginTransaction();
$currentDateTime = new \DateTime();
$currentDate = $currentDateTime->format('Y-m-d H:i:s.v'); // Current timestamp
$db->insert(
@ -127,14 +136,17 @@ class ProfileController extends Controller
'id' => $userId
]
);
$db->commit();
} catch (Exception $e) {
return view($response,'admin/profile/profile.twig',['email' => $email, 'username' => $username, 'status' => $status, 'role' => $role, 'csrf_name' => $csrfName, 'csrf_value' => $csrfValue]);
$db->rollBack();
$container->get('flash')->addMessage('error', 'Database failure: ' . $e->getMessage());
return $response->withHeader('Location', '/profile')->withStatus(302);
}
return view($response,'admin/profile/profile.twig',['email' => $email, 'username' => $username, 'status' => $status, 'role' => $role, 'csrf_name' => $csrfName, 'csrf_value' => $csrfValue]);
$container->get('flash')->addMessage('success', '2FA for your user has been activated successfully');
return $response->withHeader('Location', '/profile')->withStatus(302);
}
}
public function getRegistrationChallenge(Request $request, Response $response)
{
$userName = $_SESSION['auth_username'];