projects / Pman.Core / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
sync
[Pman.Core] / DataObjects / Core_person.php
diff --git a/DataObjects/Core_person.php b/DataObjects/Core_person.php
index 547b5c6..b8c7194 100644 (file)
--- a/DataObjects/Core_person.php
+++ b/DataObjects/Core_person.php
@@ -222,6 +222,7 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
         if (empty($this->name)) {
             return $this->email;
         }
+        
         return '"' . addslashes($this->name) . '" <' . $this->email . '>';
     }
     
@@ -352,7 +353,10 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
             ) &&
             ($default_admin ||  $u->get('email', $ff->Pman['local_autoauth']))
         ) {
-            $_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize($default_admin ? $default_admin : $u);
+            
+            $user = $default_admin ? $default_admin->toArray() : $u->toArray();
+            
+            $_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize((object) $user);
             return true;
         }
         
@@ -519,6 +523,24 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
         
         return md5(implode(',' ,  array($month, $this->email , $this->passwd, $this->id)));
     } 
+    
+    function checkTwoFactorAuthentication($val)
+    {
+        require_once 'System.php';
+        
+        $oathtool = System::which('oathtool');
+        
+        if (!$oathtool) {
+            return false;
+        }
+        
+        $cmd = "{$oathtool} --totp --base32 {$this->oath_key}";
+        
+        $password = exec($cmd);
+        
+        return ($password == $val) ? true : false;
+    }
+    
     function checkPassword($val)
     {
         if (substr($this->passwd,0,1) == '$') {
@@ -1007,15 +1029,17 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
         }
         
         /*
-         * Seems we never expose oath_key, so...
+         * Seems we never expose oath_key / passwd, so...
          */
-        $this->selectAdd("
-            CASE WHEN core_person.oath_key != '' THEN
-                TRUE
-            ELSE
-                FALSE
-            END AS has_oath_key
-        ");
+        
+        if($this->tableName() == 'core_person'){
+            $this->_extra_cols = array('length_passwd', 'length_oath_key');
+        
+            $this->selectAdd("
+                LENGTH({$this->tableName()}.passwd) AS length_passwd,
+                LENGTH({$this->tableName()}.oath_key) AS length_oath_key
+            ");
+        }
         
     }
     
@@ -1154,8 +1178,9 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
         if ($roo->authUser->id > -1 ||  $p->count() > 1) {
             return;
         }
-        $c = DB_DAtaObject::Factory('core_company');
+        $c = DB_DataObject::Factory('core_company');
         $tc =$c->count();
+        
         if (!$tc || $tc> 1) {
             $roo->jerr("can not create initial user as multiple companies already exist");
         }
@@ -1304,20 +1329,6 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
         return true;
     }
     
-    function toRooSingleArray($au, $q)
-    {
-        $ret = $this->toArray();
-        
-        $core_person = DB_DataObject::factory('core_person');
-        $core_person->selectAdd('core_person.oath_key AS oath_key');
-        $core_person->get($this->id);
-        
-        $ret['has_oath_key'] = (empty($core_person->oath_key)) ? 0 : 1;
-        
-        return $ret;
-        
-    }
-    
     function beforeUpdate($old, $q, $roo)
     {
         if(!empty($q['_generate_oath_key'])){
Pman Core