4 namespace Friendica\Module\Settings\TwoFactor;
7 use Friendica\Core\L10n;
8 use Friendica\Core\PConfig;
9 use Friendica\Core\Renderer;
11 use Friendica\Model\TwoFactor\AppSpecificPassword;
12 use Friendica\Module\BaseSettingsModule;
13 use Friendica\Module\Security\Login;
16 * // Page 5: 2FA enabled, app-specific password generation
18 * @package Friendica\Module\TwoFactor
20 class AppSpecific extends BaseSettingsModule
22 private static $appSpecificPassword = null;
24 public static function init(array $parameters = [])
30 $verified = PConfig::get(local_user(), '2fa', 'verified');
33 DI::baseUrl()->redirect('settings/2fa');
36 if (!self::checkFormSecurityToken('settings_2fa_password', 't')) {
37 notice(L10n::t('Please enter your password to access this page.'));
38 DI::baseUrl()->redirect('settings/2fa');
42 public static function post(array $parameters = [])
48 if (!empty($_POST['action'])) {
49 self::checkFormSecurityTokenRedirectOnError('settings/2fa/app_specific', 'settings_2fa_app_specific');
51 switch ($_POST['action']) {
53 $description = $_POST['description'] ?? '';
54 if (empty($description)) {
55 notice(L10n::t('App-specific password generation failed: The description is empty.'));
56 DI::baseUrl()->redirect('settings/2fa/app_specific?t=' . self::getFormSecurityToken('settings_2fa_password'));
57 } elseif (AppSpecificPassword::checkDuplicateForUser(local_user(), $description)) {
58 notice(L10n::t('App-specific password generation failed: This description already exists.'));
59 DI::baseUrl()->redirect('settings/2fa/app_specific?t=' . self::getFormSecurityToken('settings_2fa_password'));
61 self::$appSpecificPassword = AppSpecificPassword::generateForUser(local_user(), $_POST['description'] ?? '');
62 notice(L10n::t('New app-specific password generated.'));
67 AppSpecificPassword::deleteAllForUser(local_user());
68 notice(L10n::t('App-specific passwords successfully revoked.'));
69 DI::baseUrl()->redirect('settings/2fa/app_specific?t=' . self::getFormSecurityToken('settings_2fa_password'));
74 if (!empty($_POST['revoke_id'])) {
75 self::checkFormSecurityTokenRedirectOnError('settings/2fa/app_specific', 'settings_2fa_app_specific');
77 if (AppSpecificPassword::deleteForUser(local_user(), $_POST['revoke_id'])) {
78 notice(L10n::t('App-specific password successfully revoked.'));
81 DI::baseUrl()->redirect('settings/2fa/app_specific?t=' . self::getFormSecurityToken('settings_2fa_password'));
85 public static function content(array $parameters = [])
88 return Login::form('settings/2fa/app_specific');
91 parent::content($parameters);
93 $appSpecificPasswords = AppSpecificPassword::getListForUser(local_user());
95 return Renderer::replaceMacros(Renderer::getMarkupTemplate('settings/twofactor/app_specific.tpl'), [
96 '$form_security_token' => self::getFormSecurityToken('settings_2fa_app_specific'),
97 '$password_security_token' => self::getFormSecurityToken('settings_2fa_password'),
99 '$title' => L10n::t('Two-factor app-specific passwords'),
100 '$help_label' => L10n::t('Help'),
101 '$message' => L10n::t('<p>App-specific passwords are randomly generated passwords used instead your regular password to authenticate your account on third-party applications that don\'t support two-factor authentication.</p>'),
102 '$generated_message' => L10n::t('Make sure to copy your new app-specific password now. You won’t be able to see it again!'),
103 '$generated_app_specific_password' => self::$appSpecificPassword,
105 '$description_label' => L10n::t('Description'),
106 '$last_used_label' => L10n::t('Last Used'),
107 '$revoke_label' => L10n::t('Revoke'),
108 '$revoke_all_label' => L10n::t('Revoke All'),
110 '$app_specific_passwords' => $appSpecificPasswords,
111 '$generate_message' => L10n::t('When you generate a new app-specific password, you must use it right away, it will be shown to you once after you generate it.'),
112 '$generate_title' => L10n::t('Generate new app-specific password'),
113 '$description_placeholder_label' => L10n::t('Friendiqa on my Fairphone 2...'),
114 '$generate_label' => L10n::t('Generate'),