return $this->logout();
}
- if(!empty($_REQUEST['user_has_oath'])) {
- $this->checkUserOath();
- }
-
// general query...
if (!empty($_REQUEST['getAuthUser'])) {
//DB_Dataobject::debugLevel(5);
$tbl = empty($ff->Pman['authTable']) ? 'core_person' : $ff->Pman['authTable'];
$u = DB_DataObject::factory($tbl);
+ $s = DB_DataObject::Factory('core_setting');
+ $oath_require_val = 1;
+ $oath_require = $s->lookup('core', 'two_factor_authentication_requirement');
+ if(!empty($oath_require)) {
+ if($oath_require->val == 0) {
+ $oath_require_val = 0;
+ }
+ }
+
if (!$u->isAuth()) {
-
- $this->jok(array('id' => 0)); // not logged in..
- exit;
+ $this->jok(array(
+ 'id' => 0,
+ 'require_oath' => empty($oath_require) || $oath_require->val == 1 ? 1 : 0
+ ));
+ exit;
}
+
//die("got here?");
$au = $u->getAuthUser();
exit;
}
- if(!empty($u->oath_key) && !$u->checkTwoFactorAuthentication(trim($_REQUEST['oath_password'],"\x10"))){
+ if(
+ !empty($u->oath_key) &&
+ !$u->checkTwoFactorAuthentication($_REQUEST['oath_password'])
+ ){
$this->jerror('LOGIN-BAD', 'You typed the wrong Username or Password (3)');
exit;
}
return $_SERVER['REMOTE_ADDR'];
}
-
- function checkUserOath()
- {
-
- }
}