gtoriadotnet
/
fobe-web
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

2fa release

This commit is contained in:
Austin 2021-11-13 00:21:59 -05:00
parent 4544d2ffde
commit c13fa32eef
7 changed files with 3 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
globals/config.php
View File

@ -132,7 +132,6 @@ try
$banned = checkIfBanned($GLOBALS['user']->id); $banned = checkIfBanned($GLOBALS['user']->id);
$twofactor = isSession2FAUnlocked(); $twofactor = isSession2FAUnlocked();
//step 1, check if under maintenance //step 1, check if under maintenance
if ($maintenance) { //maintenance redirect if ($maintenance) { //maintenance redirect
if ($accesseddirectory != "/maintenance.php") { if ($accesseddirectory != "/maintenance.php") {

2
globals/functions.php
View File

@ -5334,7 +5334,7 @@ function initialize2FA($userid)
$username = getUsername($userid); $username = getUsername($userid);
if ($username) { if ($username) {
$secret = safeGenerate2FASecret(); $secret = safeGenerate2FASecret();
$qrcode = $GLOBALS['authenticator']->getQRCodeGoogleUrl($username, $secret, "alphaland.cc"); $qrcode = $GLOBALS['authenticator']->getQRCodeGoogleUrl($username, $secret, "Alphaland");
$new2fa = $GLOBALS['pdo']->prepare("INSERT INTO `google_2fa`(`userid`, `secret`, `qr`, `whenGenerated`) VALUES (:uid, :secret, :qr, UNIX_TIMESTAMP())"); $new2fa = $GLOBALS['pdo']->prepare("INSERT INTO `google_2fa`(`userid`, `secret`, `qr`, `whenGenerated`) VALUES (:uid, :secret, :qr, UNIX_TIMESTAMP())");
$new2fa->bindParam(":uid", $userid, PDO::PARAM_INT); $new2fa->bindParam(":uid", $userid, PDO::PARAM_INT);
$new2fa->bindParam(":secret", $secret, PDO::PARAM_STR); $new2fa->bindParam(":secret", $secret, PDO::PARAM_STR);

7
html/settings/index.php
View File

@ -19,7 +19,7 @@ $body = <<<EOT
<div class="card-body text-center"> <div class="card-body text-center">
<div class="nav flex-column nav-pills" id="v-pills-tab" role="tablist" aria-orientation="vertical"> <div class="nav flex-column nav-pills" id="v-pills-tab" role="tablist" aria-orientation="vertical">
<a class="nav-link active red-a-nounder" id="v-pills-account-tab" data-toggle="pill" href="#v-pills-account" role="tab" aria-controls="v-pills-account" aria-selected="true">Account</a> <a class="nav-link active red-a-nounder" id="v-pills-account-tab" data-toggle="pill" href="#v-pills-account" role="tab" aria-controls="v-pills-account" aria-selected="true">Account</a>
<a style="display:none;" class="nav-link red-a-nounder" id="v-pills-2fa-tab" data-toggle="pill" href="#v-pills-2fa" role="tab" aria-controls="v-pills-2fa" aria-selected="false">2FA</a> <a class="nav-link red-a-nounder" id="v-pills-2fa-tab" data-toggle="pill" href="#v-pills-2fa" role="tab" aria-controls="v-pills-2fa" aria-selected="false">2FA</a>
<a class="nav-link red-a-nounder" id="v-pills-privacy-tab" data-toggle="pill" href="#v-pills-privacy" role="tab" aria-controls="v-pills-privacy" aria-selected="false">Privacy</a> <a class="nav-link red-a-nounder" id="v-pills-privacy-tab" data-toggle="pill" href="#v-pills-privacy" role="tab" aria-controls="v-pills-privacy" aria-selected="false">Privacy</a>
<a class="nav-link red-a-nounder" id="v-pills-theme-tab" data-toggle="pill" href="#v-pills-theme" role="tab" aria-controls="v-pills-theme" aria-selected="false">Theme</a> <a class="nav-link red-a-nounder" id="v-pills-theme-tab" data-toggle="pill" href="#v-pills-theme" role="tab" aria-controls="v-pills-theme" aria-selected="false">Theme</a>
<a style="display:none;" class="nav-link red-a-nounder" id="v-pills-referral-tab" data-toggle="pill" href="#v-pills-referral" role="tab" aria-controls="v-pills-referral" aria-selected="false">Referrals</a> <a style="display:none;" class="nav-link red-a-nounder" id="v-pills-referral-tab" data-toggle="pill" href="#v-pills-referral" role="tab" aria-controls="v-pills-referral" aria-selected="false">Referrals</a>
@ -328,11 +328,6 @@ function initializeSettings()
} else { } else {
$("#settings_email_unverified").show() $("#settings_email_unverified").show()
} }
//currently locked to feature testers
if(object.featuretester) {
$("#v-pills-2fa-tab").show()
}
}); });
} }

6
html_api/settings/index.php
View File

@ -26,11 +26,8 @@ $joinpref = $userquery->canJoin;
$tradepref = null; $tradepref = null;
$theme = $userquery->theme; $theme = $userquery->theme;
//feature tester locked
//initialize 2FA in the database if it hasnt been already //initialize 2FA in the database if it hasnt been already
if (inFeatureTesterGroup($userid)) { initialize2FA($userid);
initialize2FA($userid);
}
$userInfo = array ( $userInfo = array (
"userid" => $userid, "userid" => $userid,
@ -38,7 +35,6 @@ $userInfo = array (
"email" => $email, "email" => $email,
"verified" => $verified, "verified" => $verified,
"blurb" => $blurb, "blurb" => $blurb,
"featuretester" => inFeatureTesterGroup($userid),
"twofactorenabled" => is2FAInitialized($userid), "twofactorenabled" => is2FAInitialized($userid),
"referralprogram" => inReferralProgram($userid), "referralprogram" => inReferralProgram($userid),
"joinpref" => $joinpref, "joinpref" => $joinpref,

5
html_api/settings/twofactor/activate.php
View File

@ -10,11 +10,6 @@ header("access-control-allow-credentials: true");
$userid = $user->id; $userid = $user->id;
//feature tester locked
if (!inFeatureTesterGroup($userid)) {
die(http_response_code(401));
}
$data = json_decode(file_get_contents('php://input')); $data = json_decode(file_get_contents('php://input'));
if (!$data) if (!$data)

5
html_api/settings/twofactor/disable.php
View File

@ -11,9 +11,4 @@ header('Content-Type: application/json');
$userid = $user->id; $userid = $user->id;
//feature tester locked
if (!inFeatureTesterGroup($userid)) {
die(http_response_code(401));
}
echo json_encode(array("success" => deleteUser2FA($userid))); echo json_encode(array("success" => deleteUser2FA($userid)));

5
html_api/settings/twofactor/qr.php
View File

@ -12,9 +12,4 @@ header('Content-Type: application/json');
$userid = $user->id; $userid = $user->id;
//feature tester locked
if (!inFeatureTesterGroup($userid)) {
die(http_response_code(401));
}
die(json_encode(["qr"=>getUser2FAQR($userid)])); die(json_encode(["qr"=>getUser2FAQR($userid)]));