3 namespace Friendica\Model;
5 use Friendica\BaseObject;
6 use Friendica\Database\DBA;
7 use Friendica\Util\DateTimeFormat;
8 use PragmaRX\Random\Random;
9 use PragmaRX\Recovery\Recovery;
12 * Manages users' two-factor recovery codes in the 2fa_recovery_codes table
14 * @package Friendica\Model
16 class TwoFactorRecoveryCode extends BaseObject
19 * Returns the number of code the provided users can still use to replace a TOTP code
21 * @param int $uid User ID
25 public static function countValidForUser($uid)
27 return DBA::count('2fa_recovery_codes', ['uid' => $uid, 'used' => null]);
31 * Checks the provided code is available to use for login by the provided user
33 * @param int $uid User ID
38 public static function existsForUser($uid, $code)
40 return DBA::exists('2fa_recovery_codes', ['uid' => $uid, 'code' => $code, 'used' => null]);
44 * Returns a complete list of all recovery codes for the provided user, including the used status
46 * @param int $uid User ID
50 public static function getListForUser($uid)
52 $codesStmt = DBA::select('2fa_recovery_codes', ['code', 'used'], ['uid' => $uid]);
54 return DBA::toArray($codesStmt);
58 * Marks the provided code as used for the provided user.
59 * Returns false if the code doesn't exist for the user or it has been used already.
61 * @param int $uid User ID
66 public static function markUsedForUser($uid, $code)
68 DBA::update('2fa_recovery_codes', ['used' => DateTimeFormat::utcNow()], ['uid' => $uid, 'code' => $code, 'used' => null]);
70 return DBA::affectedRows() > 0;
74 * Generates a fresh set of recovery codes for the provided user.
75 * Generates 12 codes constituted of 2 blocks of 6 characters separated by a dash.
77 * @param int $uid User ID
80 public static function generateForUser($uid)
82 $Random = (new Random())->pattern('[a-z0-9]');
84 $RecoveryGenerator = new Recovery($Random);
86 $codes = $RecoveryGenerator
93 $generated = DateTimeFormat::utcNow();
94 foreach ($codes as $code) {
95 DBA::insert('2fa_recovery_codes', [
98 'generated' => $generated
104 * Deletes all the recovery codes for the provided user.
106 * @param int $uid User ID
109 public static function deleteForUser($uid)
111 DBA::delete('2fa_recovery_codes', ['uid' => $uid]);
115 * Replaces the existing recovery codes for the provided user by a freshly generated set.
117 * @param int $uid User ID
120 public static function regenerateForUser($uid)
122 self::deleteForUser($uid);
123 self::generateForUser($uid);