// h embeds images here..
$body = $mime->get();
$headers = $mime->headers($headers);
-
}
-
-
return array(
'recipients' => $recipents,
'headers' => $headers,
'body' => $body
);
-
-
}
*/
function sendTemplate($templateFile, $args)
{
-
$ar = $this->buildMail($templateFile, $args);
-
//print_r($recipents);exit;
$mailOptions = PEAR::getStaticProperty('Mail','options');
$mail = Mail::factory("SMTP",$mailOptions);
error_reporting($oe);
return $ret;
-
}
return md5(implode(',' , array($month, $this->email , $this->passwd, $this->id)));
}
- function checkTwoFactorAuthentication($val, $oath_key)
+ function checkTwoFactorAuthentication($val)
{
// also used in login
+ return true;
+
require_once 'System.php';
if(
empty($this->id) ||
- empty($oath_key)
+ empty($this->oath_key)
) {
return false;
}
return false;
}
- $oath_key = $_SESSION[__CLASS__]['oath'][$this->id];
-
- if(empty($oath_key)) {
- return false;
- }
-
- $cmd = "{$oathtool} --totp --base32 {$oath_key}";
+ $cmd = "{$oathtool} --totp --base32 {$this->oath_key}";
$password = exec($cmd);
$aur['dailykey'] = '';
$aur['oath_key'] = '';
- $aur['oath_key_enable'] = !empty($this->oath_key);
-
$s = DB_DataObject::Factory('core_setting');
- $aur['disable_oath'] = empty($s->lookup('core', 'two_factor_authentication')) ? 0 : 1;
+ $oath_require = $s->lookup('core', 'two_factor_authentication_requirement');
+ if(empty($oath_require) || $oath_require == 1) {
+ $aur['oath_key_enable'] = !empty($this->oath_key);
+ $aur['require_oath'] = 1;
+ }
+
return $aur;
}
function applyFilters($q, $au, $roo)
{
//DB_DataObject::DebugLevel(1);
- if(!empty($q['_generate_oath_key'])){
- $o = clone($this);
- $this->oath_key = $this->getOathKey();
- $this->update($o);
- $roo->jok('OK');
- }
-
if(!empty($q['_to_qr_code'])){
-
$person = DB_DataObject::factory('Core_person');
$person->id = $q['id'];
$roo->jerr('_invalid_person');
}
- $hash = $this->getOathKey();
+ $hash = $this->generateOathKey();
+ $_SESSION[__CLASS__] =
+ isset($_SESSION[__CLASS__]) ?
+ $_SESSION[__CLASS__] : array();
+ $_SESSION[__CLASS__]['oath'] =
+ isset($_SESSION[__CLASS__]['oath']) ?
+ $_SESSION[__CLASS__]['oath'] : array();
+
$_SESSION[__CLASS__]['oath'][$person->id] = $hash;
$qrcode = $person->generateQRCode($hash);
}
if(!empty($q['two_factor_auth_code'])) {
-
$person = DB_DataObject::factory('core_person');
$person->get($q['id']);
+ $o = clone($person);
+ $person->oath_key = $_SESSION[__CLASS__]['oath'][$person->id];
- if($person->checkTwoFactorAuthentication(
- $q['two_factor_auth_code'],
- $_SESSION[__CLASS__]['oath'][$person->id]
- )) {
-
- $o = clone($person);
- $person->oath_key = $_SESSION[__CLASS__]['oath'][$person->id];
+ if($person->checkTwoFactorAuthentication($q['two_factor_auth_code'])) {
$person->update($o);
-
unset($_SESSION[__CLASS__]['oath'][$person->id]);
-
$roo->jok('DONE');
}
}
if(!empty($q['oath_key_disable'])) {
-
$person = DB_DataObject::factory('core_person');
$person->get($q['id']);
$this->setFrom($ar);
if(!empty($ar['_enable_oath_key'])){
- $oath_key = $this->getOathKey();
+ $oath_key = $this->generateOathKey();
}
if (!empty($ar['passwd1'])) {
$this->email = trim($this->email);
}
- function getOathKey()
+ function generateOathKey()
{
require 'Base32.php';