return md5(implode(',' , array($month, $this->email , $this->passwd, $this->id)));
}
- function checkPassword($val)
+
+ function checkTwoFactorAuthentication($val)
{
+ require_once 'System.php';
+
+ $oathtool = System::which('oathtool');
+
+ if (!$oathtool) {
+ return false;
+ }
+ $cmd = "{$oathtool} --totp --base32 {$this->oath_key}";
+ $password = exec($cmd);
+
+ return ($password == $val) ? true : false;
+ }
+
+ function checkPassword($val)
+ {
if (substr($this->passwd,0,1) == '$') {
if (function_exists('pasword_verify')) {
return password_verify($val, $this->passwd);
}
/*
- * Seems we never expose oath_key, so...
+ * Seems we never expose oath_key / passwd, so...
*/
+
+ $this->_extra_cols = array('length_passwd', 'length_oath_key');
+
$this->selectAdd("
- CASE WHEN core_person.oath_key != '' THEN
- TRUE
- ELSE
- FALSE
- END AS has_oath_key
+ LENGTH({$this->tableName()}.passwd) AS length_passwd,
+ LENGTH({$this->tableName()}.oath_key) AS length_oath_key
");
}
function setFromRoo($ar, $roo)
{
- $this->setFrom($ar);
+ $this->setFrom($ar);
+
+ if(!empty($ar['_enable_oath_key'])){
+ $this->generateOathKey();
+ }
+
if (!empty($ar['passwd1'])) {
$this->setPassword($ar['passwd1']);
}
return "Duplicate Email found";
}
- if(!empty($ar['_enable_oath_key'])){
- $this->generateOathKey();
- }
-
return true;
}
/**
$this->update($o);
$roo->jok('OK');
}
+
+ if(!empty($q['_to_qr_code'])){
+ $qrcode = $this->generateQRCode();
+
+ if(empty($qrcode)){
+ $roo->jerr('Fail to generate QR Code');
+ }
+
+ $roo->jdata($qrcode);
+ }
}
function generateOathKey()
{
- $hex = bin2hex(openssl_random_pseudo_bytes(16));
- $this->oath_key = $hex;
+ $hex = bin2hex(openssl_random_pseudo_bytes(10));
+
+ require 'Base32.php';
+
+ $base32 = new Base32();
+
+ $this->oath_key = $base32->base32_encode($hex);
+
return $this->oath_key;
}
+ function generateQRCode()
+ {
+ if(empty($this->oath_key)){
+ return false;
+ }
+
+ $issuer = (empty($this->name)) ? rawurlencode('ROOJS') : rawurlencode($this->name);
+
+ $uri = "otpauth://totp/{$issuer}:{$this->email}?secret={$this->oath_key}&issuer={$issuer}&algorithm=SHA1&digits=6&period=30";
+
+ require_once 'Image/QRCode.php';
+
+ $qrcode = new Image_QRCode();
+
+ $image = $qrcode->makeCode($uri, array(
+ 'output_type' => 'return'
+ ));
+
+ ob_start();
+ imagepng($image);
+ $base64 = base64_encode(ob_get_contents());
+ ob_end_clean();
+
+ return "data:image/png;base64,{$base64}";
+ }
+
}