3 * @copyright Copyright (C) 2010-2022, the Friendica project
5 * @license GNU AGPL version 3 or any later version
7 * This program is free software: you can redistribute it and/or modify
8 * it under the terms of the GNU Affero General Public License as
9 * published by the Free Software Foundation, either version 3 of the
10 * License, or (at your option) any later version.
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU Affero General Public License for more details.
17 * You should have received a copy of the GNU Affero General Public License
18 * along with this program. If not, see <https://www.gnu.org/licenses/>.
22 namespace Friendica\Module\Security\TwoFactor;
25 use Friendica\BaseModule;
26 use Friendica\Core\L10n;
27 use Friendica\Core\Renderer;
28 use Friendica\Core\Session\Capability\IHandleUserSessions;
30 use Friendica\Model\User\Cookie;
31 use Friendica\Module\Response;
32 use Friendica\Util\Profiler;
33 use Friendica\Security\TwoFactor;
34 use Psr\Log\LoggerInterface;
37 * Page 4: Logout dialog for trusted browsers
39 * @package Friendica\Module\TwoFactor
41 class SignOut extends BaseModule
43 protected $errors = [];
45 /** @var IHandleUserSessions */
49 /** @var TwoFactor\Repository\TrustedBrowser */
50 protected $trustedBrowserRepository;
52 public function __construct(L10n $l10n, App\BaseURL $baseUrl, App\Arguments $args, LoggerInterface $logger, IHandleUserSessions $session, Cookie $cookie, TwoFactor\Repository\TrustedBrowser $trustedBrowserRepository, Profiler $profiler, Response $response, array $server, array $parameters = [])
54 parent::__construct($l10n, $baseUrl, $args, $logger, $profiler, $response, $server, $parameters);
56 $this->session = $session;
57 $this->cookie = $cookie;
58 $this->trustedBrowserRepository = $trustedBrowserRepository;
61 protected function post(array $request = [])
63 if (!$this->session->getLocalUserId() || !($this->cookie->get('2fa_cookie_hash'))) {
67 $action = $request['action'] ?? '';
69 if (!empty($action)) {
70 self::checkFormSecurityTokenRedirectOnError('2fa', 'twofactor_signout');
73 case 'trust_and_sign_out':
74 $trusted = $this->cookie->get('2fa_cookie_hash');
75 $this->cookie->reset(['2fa_cookie_hash' => $trusted]);
76 $this->session->clear();
78 DI::sysmsg()->addInfo($this->t('Logged out.'));
79 $this->baseUrl->redirect();
82 $this->trustedBrowserRepository->removeForUser($this->session->getLocalUserId(), $this->cookie->get('2fa_cookie_hash'));
83 $this->cookie->clear();
84 $this->session->clear();
86 DI::sysmsg()->addInfo($this->t('Logged out.'));
87 $this->baseUrl->redirect();
90 $this->baseUrl->redirect();
95 protected function content(array $request = []): string
97 if (!$this->session->getLocalUserId() || !($this->cookie->get('2fa_cookie_hash'))) {
98 $this->baseUrl->redirect();
102 $trustedBrowser = $this->trustedBrowserRepository->selectOneByHash($this->cookie->get('2fa_cookie_hash'));
103 if (!$trustedBrowser->trusted) {
104 $trusted = $this->cookie->get('2fa_cookie_hash');
105 $this->cookie->reset(['2fa_cookie_hash' => $trusted]);
106 $this->session->clear();
108 DI::sysmsg()->addInfo($this->t('Logged out.'));
109 $this->baseUrl->redirect();
111 } catch (TwoFactor\Exception\TrustedBrowserNotFoundException $exception) {
112 $this->cookie->clear();
113 $this->session->clear();
115 DI::sysmsg()->addInfo($this->t('Logged out.'));
116 $this->baseUrl->redirect();
119 return Renderer::replaceMacros(Renderer::getMarkupTemplate('twofactor/signout.tpl'), [
120 '$form_security_token' => self::getFormSecurityToken('twofactor_signout'),
122 '$title' => $this->t('Sign out of this browser?'),
123 '$message' => $this->t('<p>If you trust this browser, you will not be asked for verification code the next time you sign in.</p>'),
124 '$sign_out_label' => $this->t('Sign out'),
125 '$cancel_label' => $this->t('Cancel'),
126 '$trust_and_sign_out_label' => $this->t('Trust and sign out'),