3 * @copyright Copyright (C) 2010-2022, the Friendica project
5 * @license GNU AGPL version 3 or any later version
7 * This program is free software: you can redistribute it and/or modify
8 * it under the terms of the GNU Affero General Public License as
9 * published by the Free Software Foundation, either version 3 of the
10 * License, or (at your option) any later version.
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU Affero General Public License for more details.
17 * You should have received a copy of the GNU Affero General Public License
18 * along with this program. If not, see <https://www.gnu.org/licenses/>.
22 namespace Friendica\Module\Security\TwoFactor;
25 use Friendica\BaseModule;
26 use Friendica\Core\L10n;
27 use Friendica\Core\Renderer;
28 use Friendica\Core\Session\Capability\IHandleSessions;
30 use Friendica\Model\User\Cookie;
31 use Friendica\Module\Response;
32 use Friendica\Network\HTTPException\NotFoundException;
33 use Friendica\Util\Profiler;
34 use Friendica\Security\TwoFactor;
35 use Psr\Log\LoggerInterface;
38 * Page 4: Logout dialog for trusted browsers
40 * @package Friendica\Module\TwoFactor
42 class SignOut extends BaseModule
44 protected $errors = [];
46 /** @var IHandleSessions */
50 /** @var TwoFactor\Repository\TrustedBrowser */
51 protected $trustedBrowserRepository;
53 public function __construct(L10n $l10n, App\BaseURL $baseUrl, App\Arguments $args, LoggerInterface $logger, IHandleSessions $session, Cookie $cookie, TwoFactor\Repository\TrustedBrowser $trustedBrowserRepository, Profiler $profiler, Response $response, array $server, array $parameters = [])
55 parent::__construct($l10n, $baseUrl, $args, $logger, $profiler, $response, $server, $parameters);
57 $this->session = $session;
58 $this->cookie = $cookie;
59 $this->trustedBrowserRepository = $trustedBrowserRepository;
62 protected function post(array $request = [])
64 if (!local_user() || !($this->cookie->get('2fa_cookie_hash'))) {
68 $action = $request['action'] ?? '';
70 if (!empty($action)) {
71 self::checkFormSecurityTokenRedirectOnError('2fa', 'twofactor_signout');
74 case 'trust_and_sign_out':
75 $trusted = $this->cookie->get('2fa_cookie_hash');
76 $this->cookie->reset(['2fa_cookie_hash' => $trusted]);
77 $this->session->clear();
79 DI::sysmsg()->addInfo($this->t('Logged out.'));
80 $this->baseUrl->redirect();
83 $this->trustedBrowserRepository->removeForUser(local_user(), $this->cookie->get('2fa_cookie_hash'));
84 $this->cookie->clear();
85 $this->session->clear();
87 DI::sysmsg()->addInfo($this->t('Logged out.'));
88 $this->baseUrl->redirect();
91 $this->baseUrl->redirect();
96 protected function content(array $request = []): string
98 if (!local_user() || !($this->cookie->get('2fa_cookie_hash'))) {
99 $this->baseUrl->redirect();
103 $trustedBrowser = $this->trustedBrowserRepository->selectOneByHash($this->cookie->get('2fa_cookie_hash'));
104 if (!$trustedBrowser->trusted) {
105 $trusted = $this->cookie->get('2fa_cookie_hash');
106 $this->cookie->reset(['2fa_cookie_hash' => $trusted]);
107 $this->session->clear();
109 DI::sysmsg()->addInfo($this->t('Logged out.'));
110 $this->baseUrl->redirect();
112 } catch (TwoFactor\Exception\TrustedBrowserNotFoundException $exception) {
113 $this->cookie->clear();
114 $this->session->clear();
116 DI::sysmsg()->addInfo($this->t('Logged out.'));
117 $this->baseUrl->redirect();
120 return Renderer::replaceMacros(Renderer::getMarkupTemplate('twofactor/signout.tpl'), [
121 '$form_security_token' => self::getFormSecurityToken('twofactor_signout'),
123 '$title' => $this->t('Sign out of this browser?'),
124 '$message' => $this->t('<p>If you trust this browser, you will not be asked for verification code the next time you sign in.</p>'),
125 '$sign_out_label' => $this->t('Sign out'),
126 '$cancel_label' => $this->t('Cancel'),
127 '$trust_and_sign_out_label' => $this->t('Trust and sign out'),