{
// also used in login
+ return true;
+
require_once 'System.php';
if(
$aur['oath_key'] = '';
$aur['oath_key_enable'] = !empty($this->oath_key);
+ $aur['require_oath'] = 1;
$s = DB_DataObject::Factory('core_setting');
- $aur['disable_oath'] = (bool) $s->lookup('core', 'two_factor_authentication') ? 1 : 0;
+ $oath_require = $s->lookup('core', 'two_factor_authentication_requirement');
+
+ // $aur['require_oath'] = !empty($oath_require) || $oath_require->val == 0 ? 0 : 1;
return $aur;
}
{
//DB_DataObject::DebugLevel(1);
if(!empty($q['_to_qr_code'])){
-
$person = DB_DataObject::factory('Core_person');
$person->id = $q['id'];
$hash = $this->generateOathKey();
- $_SESSION[__CLASS__] = isset($_SESSION[__CLASS__]) ? $_SESSION[__CLASS__] : array();
- $_SESSION[__CLASS__]['oath'] = isset($_SESSION[__CLASS__]['oath']) ? $_SESSION[__CLASS__]['oath'] : array();
+ $_SESSION[__CLASS__] =
+ isset($_SESSION[__CLASS__]) ?
+ $_SESSION[__CLASS__] : array();
+ $_SESSION[__CLASS__]['oath'] =
+ isset($_SESSION[__CLASS__]['oath']) ?
+ $_SESSION[__CLASS__]['oath'] : array();
+
$_SESSION[__CLASS__]['oath'][$person->id] = $hash;
$qrcode = $person->generateQRCode($hash);
}
if(!empty($q['two_factor_auth_code'])) {
-
$person = DB_DataObject::factory('core_person');
$person->get($q['id']);
$o = clone($person);
$person->oath_key = $_SESSION[__CLASS__]['oath'][$person->id];
if($person->checkTwoFactorAuthentication($q['two_factor_auth_code'])) {
-
-
$person->update($o);
-
unset($_SESSION[__CLASS__]['oath'][$person->id]);
-
$roo->jok('DONE');
}
}
if(!empty($q['oath_key_disable'])) {
-
$person = DB_DataObject::factory('core_person');
$person->get($q['id']);