added google authenticator support to the gui

2025-06-12 23:17:02 +02:00 · 2013-10-16 14:55:17 +02:00
parent 62e5dc8afa
commit dae73a577a
50 changed files with 10676 additions and 39 deletions
--- a/webui/controller/common/menu.php
+++ b/webui/controller/common/menu.php
@ -9,6 +9,7 @@ class ControllerCommonMenu extends Controller {
      $this->template = "common/menu.tpl";

      $db = Registry::get('db');
+      $session = Registry::get('session');

      $this->load->model('saas/customer');

@ -18,6 +19,8 @@ class ControllerCommonMenu extends Controller {

      $this->data['settings'] = $this->model_saas_customer->get_customer_settings_by_email();

+      $this->data['realname'] = $session->get('realname');
+
      $this->render();
   }

--- a/webui/controller/login/ga.php
+++ b/webui/controller/login/ga.php
@ -0,0 +1,93 @@
+<?php
+
+
+class ControllerLoginGA extends Controller {
+   private $error = array();
+
+   public function index(){
+
+      $this->id = "content";
+      $this->template = "login/ga.tpl";
+      $this->layout = "common/layout-empty";
+
+
+      $request = Registry::get('request');
+      $session = Registry::get('session');
+
+      $db = Registry::get('db');
+
+      $this->load->model('user/auth');
+      $this->load->model('user/user');
+      $this->load->model('user/prefs');
+
+      if(ENABLE_SAAS == 1) {
+         $this->load->model('saas/ldap');
+         $this->load->model('saas/customer');
+      }
+
+      require(DIR_BASE . 'system/helper/PHPGangsta_GoogleAuthenticator.php');
+
+      $this->data['title'] = $this->data['text_login'];
+      $this->data['title_prefix'] = TITLE_PREFIX;
+
+      $this->data['failed_login_count'] = $this->model_user_auth->get_failed_login_count();
+
+
+      if($this->request->server['REQUEST_METHOD'] == 'POST' && $this->validate() == true) {
+
+         $GA = new PHPGangsta_GoogleAuthenticator();
+
+         $settings = $this->model_user_prefs->get_ga_settings($session->get('username'));
+
+         if(strlen($this->request->post['ga_code']) > 5 && $GA->verifyCode($settings['ga_secret'], $this->request->post['ga_code'], 2)) {
+
+            $session->set("ga_block", "");
+
+            $this->model_user_prefs->get_user_preferences($session->get('username'));
+
+            if(ENABLE_SAAS == 1) {
+               $this->model_saas_customer->online($session->get('email'));
+            }
+
+            LOGGER('logged in');
+
+            if(isAdminUser() == 1) {
+               header("Location: " . SITE_URL . "index.php?route=health/health");
+               exit;
+            }
+
+            header("Location: " . SITE_URL . "search.php");
+            exit;
+         }
+         else {
+            $this->model_user_auth->increment_failed_login_count($this->data['failed_login_count']);
+            $this->data['failed_login_count']++;
+         }
+
+         $this->data['x'] = $this->data['text_invalid_pin_code'];
+
+      }
+
+      $this->render();
+   }
+
+
+   private function validate() {
+
+      if(!isset($this->request->post['ga_code'])){
+         $this->error['ga_code'] = $this->data['text_invalid_data'];
+      }
+
+
+      if (!$this->error) {
+         return true;
+      } else {
+         return false;
+      }
+
+   }
+
+
+}
+
+?>
--- a/webui/controller/login/login.php
+++ b/webui/controller/login/login.php
@ -43,21 +43,27 @@ class ControllerLoginLogin extends Controller {

         if($this->model_user_auth->checkLogin($this->request->post['username'], $_POST['password']) == 1) {

-            $this->model_user_prefs->get_user_preferences($session->get('username'));
-
-            if(ENABLE_SAAS == 1) {
-               $this->model_saas_customer->online($session->get('email'));
-            }
-
-            LOGGER('logged in');
-
-            if(isAdminUser() == 1) {
-               header("Location: " . SITE_URL . "index.php?route=health/health");
+            if($session->get("ga_block") == 1) {
+               header("Location: " . SITE_URL . "index.php?route=login/ga");
               exit;
            }
+            else {
+               $this->model_user_prefs->get_user_preferences($session->get('username'));

-            header("Location: " . SITE_URL . "search.php");
-            exit;
+               if(ENABLE_SAAS == 1) {
+                  $this->model_saas_customer->online($session->get('email'));
+               }
+
+               LOGGER('logged in');
+
+               if(isAdminUser() == 1) {
+                  header("Location: " . SITE_URL . "index.php?route=health/health");
+                  exit;
+               }
+
+               header("Location: " . SITE_URL . "search.php");
+               exit;
+            }
         }
         else {
            $this->model_user_auth->increment_failed_login_count($this->data['failed_login_count']);
--- a/webui/controller/user/settings.php
+++ b/webui/controller/user/settings.php
@ -12,6 +12,8 @@ class ControllerUserSettings extends Controller {


      $request = Registry::get('request');
+      $session = Registry::get('session');
+
      $db = Registry::get('db');

      $this->load->model('user/auth');
@ -19,6 +21,10 @@ class ControllerUserSettings extends Controller {
      $this->load->model('user/user');
      $this->load->model('group/group');

+      require(DIR_BASE . 'system/helper/PHPGangsta_GoogleAuthenticator.php');
+
+      $this->data['ga'] = $this->model_user_prefs->get_ga_settings($session->get('username'));
+
      $this->document->title = $this->data['text_settings'];
  
      $d = $r = '';