adaptions
authorPhilipp <admin@philipp.info>
Sun, 26 Jun 2022 08:13:32 +0000 (10:13 +0200)
committerPhilipp <admin@philipp.info>
Sun, 26 Jun 2022 08:13:32 +0000 (10:13 +0200)
src/Module/Security/TwoFactor/SignOut.php [new file with mode: 0644]
src/Module/Security/TwoFactor/Signout.php [deleted file]
src/Module/Settings/TwoFactor/Index.php
static/routes.config.php

diff --git a/src/Module/Security/TwoFactor/SignOut.php b/src/Module/Security/TwoFactor/SignOut.php
new file mode 100644 (file)
index 0000000..20b7f03
--- /dev/null
@@ -0,0 +1,129 @@
+<?php
+/**
+ * @copyright Copyright (C) 2010-2022, the Friendica project
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace Friendica\Module\Security\TwoFactor;
+
+use Friendica\App;
+use Friendica\BaseModule;
+use Friendica\Core\L10n;
+use Friendica\Core\Renderer;
+use Friendica\Core\Session\Capability\IHandleSessions;
+use Friendica\Model\User\Cookie;
+use Friendica\Module\Response;
+use Friendica\Network\HTTPException\NotFoundException;
+use Friendica\Util\Profiler;
+use Friendica\Security\TwoFactor;
+use Psr\Log\LoggerInterface;
+
+/**
+ * Page 4: Logout dialog for trusted browsers
+ *
+ * @package Friendica\Module\TwoFactor
+ */
+class SignOut extends BaseModule
+{
+       protected $errors = [];
+
+       /** @var IHandleSessions  */
+       protected $session;
+       /** @var Cookie  */
+       protected $cookie;
+       /** @var TwoFactor\Repository\TrustedBrowser  */
+       protected $trustedBrowserRepository;
+
+       public function __construct(L10n $l10n, App\BaseURL $baseUrl, App\Arguments $args, LoggerInterface $logger,  IHandleSessions $session, Cookie $cookie, TwoFactor\Repository\TrustedBrowser $trustedBrowserRepository, Profiler $profiler, Response $response, array $server, array $parameters = [])
+       {
+               parent::__construct($l10n, $baseUrl, $args, $logger, $profiler, $response, $server, $parameters);
+
+               $this->session                  = $session;
+               $this->cookie                   = $cookie;
+               $this->trustedBrowserRepository = $trustedBrowserRepository;
+       }
+
+       protected function post(array $request = [])
+       {
+               if (!local_user() || !($this->cookie->get('2fa_cookie_hash'))) {
+                       return;
+               }
+
+               $action = $request['action'] ?? '';
+
+               if (!empty($action)) {
+                       self::checkFormSecurityTokenRedirectOnError('2fa', 'twofactor_signout');
+
+                       switch ($action) {
+                               case 'trust_and_sign_out':
+                                       $trusted = $this->cookie->get('2fa_cookie_hash');
+                                       $this->cookie->reset(['2fa_cookie_hash' => $trusted]);
+                                       $this->session->clear();
+
+                                       info($this->t('Logged out.'));
+                                       $this->baseUrl->redirect();
+                                       break;
+                               case 'sign_out':
+                                       $this->trustedBrowserRepository->removeForUser(local_user(), $this->cookie->get('2fa_cookie_hash'));
+                                       $this->cookie->clear();
+                                       $this->session->clear();
+
+                                       info($this->t('Logged out.'));
+                                       $this->baseUrl->redirect();
+                                       break;
+                               default:
+                                       $this->baseUrl->redirect();
+                       }
+               }
+       }
+
+       protected function content(array $request = []): string
+       {
+               if (!local_user() || !($this->cookie->get('2fa_cookie_hash'))) {
+                       $this->baseUrl->redirect();
+               }
+
+               try {
+                       $trustedBrowser = $this->trustedBrowserRepository->selectOneByHash($this->cookie->get('2fa_cookie_hash'));
+                       if (!$trustedBrowser->trusted) {
+                               $trusted = $this->cookie->get('2fa_cookie_hash');
+                               $this->cookie->reset(['2fa_cookie_hash' => $trusted]);
+                               $this->session->clear();
+
+                               info($this->t('Logged out.'));
+                               $this->baseUrl->redirect();
+                       }
+               } catch (NotFoundException $exception) {
+                       $this->cookie->clear();
+                       $this->session->clear();
+
+                       info($this->t('Logged out.'));
+                       $this->baseUrl->redirect();
+               }
+
+               return Renderer::replaceMacros(Renderer::getMarkupTemplate('twofactor/signout.tpl'), [
+                       '$form_security_token' => self::getFormSecurityToken('twofactor_signout'),
+
+                       '$title'                    => $this->t('Sign out of this browser?'),
+                       '$message'                  => $this->t('<p>If you trust this browser, you will not be asked for verification code the next time you sign in.</p>'),
+                       '$sign_out_label'           => $this->t('Sign out'),
+                       '$cancel_label'             => $this->t('Cancel'),
+                       '$trust_and_sign_out_label' => $this->t('Trust and sign out'),
+               ]);
+       }
+}
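Review bot: content() clears the session and resets or clears the cookie on a plain GET (the `!$trustedBrowser->trusted` branch and the `NotFoundException` catch) with no form-token check, while post() calls `checkFormSecurityTokenRedirectOnError('2fa', 'twofactor_signout')` before doing the same work. The `/signout` route is registered for `R::GET`, so a cross-site link or image request can end the session of a signed-in user whose browser record is untrusted or missing. If that direct sign-out is intended, say so above the try block, e.g. `// Untrusted or unknown browser: sign out at once, no confirmation form and no token check on this GET path`. Otherwise render the confirmation form in these cases too and let post() perform the sign-out behind the token.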
diff --git a/src/Module/Security/TwoFactor/Signout.php b/src/Module/Security/TwoFactor/Signout.php
deleted file mode 100644 (file)
index 3e52b27..0000000
+++ /dev/null
@@ -1,129 +0,0 @@
-<?php
-/**
- * @copyright Copyright (C) 2010-2022, the Friendica project
- *
- * @license GNU AGPL version 3 or any later version
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program.  If not, see <https://www.gnu.org/licenses/>.
- *
- */
-
-namespace Friendica\Module\Security\TwoFactor;
-
-use Friendica\App;
-use Friendica\BaseModule;
-use Friendica\Core\L10n;
-use Friendica\Core\Renderer;
-use Friendica\Core\Session\Capability\IHandleSessions;
-use Friendica\Model\User\Cookie;
-use Friendica\Module\Response;
-use Friendica\Network\HTTPException\NotFoundException;
-use Friendica\Util\Profiler;
-use Friendica\Security\TwoFactor;
-use Psr\Log\LoggerInterface;
-
-/**
- * Page 4: Logout dialog for trusted browsers
- *
- * @package Friendica\Module\TwoFactor
- */
-class Signout extends BaseModule
-{
-       protected $errors = [];
-
-       /** @var IHandleSessions  */
-       protected $session;
-       /** @var Cookie  */
-       protected $cookie;
-       /** @var TwoFactor\Repository\TrustedBrowser  */
-       protected $trustedBrowserRepositoy;
-
-       public function __construct(L10n $l10n, App\BaseURL $baseUrl, App\Arguments $args, LoggerInterface $logger,  IHandleSessions $session, Cookie $cookie, TwoFactor\Repository\TrustedBrowser $trustedBrowserRepositoy, Profiler $profiler, Response $response, array $server, array $parameters = [])
-       {
-               parent::__construct($l10n, $baseUrl, $args, $logger, $profiler, $response, $server, $parameters);
-
-               $this->session                 = $session;
-               $this->cookie                  = $cookie;
-               $this->trustedBrowserRepositoy = $trustedBrowserRepositoy;
-       }
-
-       protected function post(array $request = [])
-       {
-               if (!local_user() || !($this->cookie->get('2fa_cookie_hash'))) {
-                       return;
-               }
-
-               $action = $request['action'] ?? '';
-
-               if (!empty($action)) {
-                       self::checkFormSecurityTokenRedirectOnError('2fa', 'twofactor_signout');
-
-                       switch ($action) {
-                               case 'trust_and_sign_out':
-                                       $trusted = $this->cookie->get('2fa_cookie_hash');
-                                       $this->cookie->reset(['2fa_cookie_hash' => $trusted]);
-                                       $this->session->clear();
-
-                                       info($this->t('Logged out.'));
-                                       $this->baseUrl->redirect();
-                                       break;
-                               case 'sign_out':
-                                       $this->trustedBrowserRepositoy->removeForUser(local_user(), $this->cookie->get('2fa_cookie_hash'));
-                                       $this->cookie->clear();
-                                       $this->session->clear();
-
-                                       info($this->t('Logged out.'));
-                                       $this->baseUrl->redirect();
-                                       break;
-                               default:
-                                       $this->baseUrl->redirect();
-                       }
-               }
-       }
-
-       protected function content(array $request = []): string
-       {
-               if (!local_user() || !($this->cookie->get('2fa_cookie_hash'))) {
-                       $this->baseUrl->redirect();
-               }
-
-               try {
-                       $trustedBrowser = $this->trustedBrowserRepositoy->selectOneByHash($this->cookie->get('2fa_cookie_hash'));
-                       if (!$trustedBrowser->trusted) {
-                               $trusted = $this->cookie->get('2fa_cookie_hash');
-                               $this->cookie->reset(['2fa_cookie_hash' => $trusted]);
-                               $this->session->clear();
-
-                               info($this->t('Logged out.'));
-                               $this->baseUrl->redirect();
-                       }
-               } catch (NotFoundException $exception) {
-                       $this->cookie->clear();
-                       $this->session->clear();
-
-                       info($this->t('Logged out.'));
-                       $this->baseUrl->redirect();
-               }
-
-               return Renderer::replaceMacros(Renderer::getMarkupTemplate('twofactor/signout.tpl'), [
-                       '$form_security_token' => self::getFormSecurityToken('twofactor_signout'),
-
-                       '$title'                    => $this->t('Sign out of this browser?'),
-                       '$message'                  => $this->t('<p>If you trust this browser, you will not be asked for verification code the next time you sign in.</p>'),
-                       '$sign_out_label'           => $this->t('Sign out'),
-                       '$cancel_label'             => $this->t('Cancel'),
-                       '$trust_and_sign_out_label' => $this->t('Trust and sign out'),
-               ]);
-       }
-}
index 98826824b9eb703c60e18d78dc15085ca73987f0..0da49f3177a5d1ff5820880d89f37df2a0c9df91 100644 (file)
@@ -45,8 +45,8 @@ class Index extends BaseSettings
                try {
                        User::getIdFromPasswordAuthentication(local_user(), $_POST['password'] ?? '');
 
-                       $has_secret = (bool) DI::pConfig()->get(local_user(), '2fa', 'secret');
-                       $verified = DI::pConfig()->get(local_user(), '2fa', 'verified');
+                       $has_secret = (bool)DI::pConfig()->get(local_user(), '2fa', 'secret');
+                       $verified   = DI::pConfig()->get(local_user(), '2fa', 'verified');
 
                        switch ($_POST['action'] ?? '') {
                                case 'enable':
@@ -55,7 +55,8 @@ class Index extends BaseSettings
 
                                                DI::pConfig()->set(local_user(), '2fa', 'secret', $Google2FA->generateSecretKey(32));
 
-                                               DI::baseUrl()->redirect('settings/2fa/recovery?t=' . self::getFormSecurityToken('settings_2fa_password'));
+                                               DI::baseUrl()
+                                                 ->redirect('settings/2fa/recovery?t=' . self::getFormSecurityToken('settings_2fa_password'));
                                        }
                                        break;
                                case 'disable':
@@ -71,29 +72,33 @@ class Index extends BaseSettings
                                        break;
                                case 'recovery':
                                        if ($has_secret) {
-                                               DI::baseUrl()->redirect('settings/2fa/recovery?t=' . self::getFormSecurityToken('settings_2fa_password'));
+                                               DI::baseUrl()
+                                                 ->redirect('settings/2fa/recovery?t=' . self::getFormSecurityToken('settings_2fa_password'));
                                        }
                                        break;
                                case 'app_specific':
                                        if ($has_secret) {
-                                               DI::baseUrl()->redirect('settings/2fa/app_specific?t=' . self::getFormSecurityToken('settings_2fa_password'));
+                                               DI::baseUrl()
+                                                 ->redirect('settings/2fa/app_specific?t=' . self::getFormSecurityToken('settings_2fa_password'));
                                        }
                                        break;
                                case 'trusted':
                                        if ($has_secret) {
-                                               DI::baseUrl()->redirect('settings/2fa/trusted?t=' . self::getFormSecurityToken('settings_2fa_password'));
+                                               DI::baseUrl()
+                                                 ->redirect('settings/2fa/trusted?t=' . self::getFormSecurityToken('settings_2fa_password'));
                                        }
                                        break;
                                case 'configure':
                                        if (!$verified) {
-                                               DI::baseUrl()->redirect('settings/2fa/verify?t=' . self::getFormSecurityToken('settings_2fa_password'));
+                                               DI::baseUrl()
+                                                 ->redirect('settings/2fa/verify?t=' . self::getFormSecurityToken('settings_2fa_password'));
                                        }
                                        break;
                        }
+               } catch (FoundException $exception) {
+                       // Nothing to do here
                } catch (\Exception $e) {
-                       if (!($e instanceof FoundException)) {
-                               notice(DI::l10n()->t($e->getMessage()));
-                       }
+                       notice(DI::l10n()->t($e->getMessage()));
                }
        }
 
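Review bot: The generic `catch (\Exception $e)` branch still hands `$e->getMessage()` to `notice()` through `t()`, so any exception raised inside the try block, not only a failed password check, has its raw message shown to the user. Catching the specific authentication failure for the user-facing notice, and logging everything else behind a fixed message, would keep internal error text off the page. The new empty `FoundException` catch should also say why it is empty, e.g. `// redirect() signals the redirect with a FoundException; this is not an error` (inferred from the redirect calls in this hunk, please confirm). The try block and the enclosing method start outside this hunk.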
index 9c82c8e1f14a42cfc38c42b83583d3f51f1aee89..dac56a1255a36316a11db24b1900865ed62bbe1e 100644 (file)
@@ -166,7 +166,7 @@ return [
                '[/]'       => [Module\Security\TwoFactor\Verify::class,   [R::GET, R::POST]],
                '/recovery' => [Module\Security\TwoFactor\Recovery::class, [R::GET, R::POST]],
                '/trust'    => [Module\Security\TwoFactor\Trust::class,    [R::GET, R::POST]],
-               '/signout'  => [Module\Security\TwoFactor\Signout::class,  [R::GET, R::POST]],
+               '/signout'  => [Module\Security\TwoFactor\SignOut::class,  [R::GET, R::POST]],
        ],
 
        '/api' => [