2step prep

This commit is contained in:
Austin 2021-11-12 14:12:52 -05:00
parent af3035900a
commit e2331861d7
2 changed files with 63 additions and 4 deletions


@ -92,7 +92,7 @@ try
//authenticator
$authenticator = new PHPGangsta_GoogleAuthenticator();
//mailer
$mail = new PHPMailer\PHPMailer\PHPMailer(true);
$mail->IsSMTP();
@ -130,27 +130,39 @@ try
$activated = $activated->isUserActivated($GLOBALS['user']->id);
$maintenance = checkIfUnderMaintenance();
$banned = checkIfBanned($GLOBALS['user']->id);
$twofactor = isSession2FAUnlocked();
//step 1, check if under maintenance
if ($maintenance) { //maintenance redirect
if ($accesseddirectory != "/maintenance.php") {
redirect($url . "/maintenance");
}
}
if ($banned && !$maintenance) { //ban redirect
//step 2, check if user is banned
if ($GLOBALS['user']->logged_in && $banned) { //ban redirect
if ($accesseddirectory != "/ban.php" &&
$accesseddirectory != "/logout.php") {
redirect($url . "/ban");
}
}
if ($GLOBALS['user']->logged_in && !$activated && !$banned && !$maintenance) { //activation redirect
//step 3, check if user is activated
if ($GLOBALS['user']->logged_in && !$activated) { //activation redirect
if ($accesseddirectory != "/activate.php" &&
$accesseddirectory != "/logout.php") {
redirect($url . "/activate");
}
}
//step 4, check if 2fa is authenticated
if ($GLOBALS['user']->logged_in && !$twofactor) { //2fa redirect
if ($accesseddirectory != "/2fa.php") {
redirect($url . "/2fa");
}
}
//pages accessible to users who aren't logged in
if (!$GLOBALS['user']->logged_in) { //not logged in
if ($accesseddomain == "www.".$domain) { //www
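Review bot: The new step-4 block only exempts `/2fa.php`, whereas the ban and activation steps above it also exempt `/logout.php`, so a logged-in user who cannot complete the second factor (lost device, not yet set up on this session) has no way to end the session and is pinned to the 2FA page. The condition should read `if ($accesseddirectory != "/2fa.php" && $accesseddirectory != "/logout.php") {`. Separately, the old `!$banned && !$maintenance` guards were dropped from the ban and activation steps, so steps 2–4 are no longer mutually exclusive; that is only safe if `redirect()` terminates the script after sending the header, which is not visible here and would be worth a comment such as `// each step relies on redirect() exiting; later steps must not run after a redirect`. The enclosing try block starts and ends outside the hunk.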


@ -5260,6 +5260,7 @@ function deleteUser2FA($userid)
$del->bindParam(":uid", $userid, PDO::PARAM_INT);
$del->execute();
if ($del->rowCount() > 0) {
deauth2FAUserSession();
return true;
}
return false;
@ -5293,6 +5294,7 @@ function activateUser2FA($userid, $code) //after initializing we make sure it wo
$check = $GLOBALS['pdo']->prepare("UPDATE `google_2fa` SET `validated` = 1 WHERE `userid` = :uid");
$check->bindParam(":uid", $userid, PDO::PARAM_INT);
if ($check->execute()) {
auth2FAUserSession();
return true;
}
}
@ -5339,9 +5341,54 @@ function getUser2FAQR($userid)
}
}
function isSession2FAUnlocked()
{
$localuser = $GLOBALS['user']->id;
$session = $GLOBALS['user']->sessionCookieID;
$check = $GLOBALS['pdo']->prepare("SELECT * FROM `sessions` WHERE `twoFactorUnlocked` = 1 AND `id` = :session");
$check->bindParam(":session", $session, PDO::PARAM_INT);
$check->execute();
if ($check->rowCount() > 0 || !is2FAInitialized($localuser)) {
return true;
}
return false;
}
function auth2FAUserSession()
{
$session = $GLOBALS['user']->sessionCookieID;
$check = $GLOBALS['pdo']->prepare("UPDATE `sessions` SET `twoFactorUnlocked` = 1 WHERE `id` = :session");
$check->bindParam(":session", $session, PDO::PARAM_INT);
if ($check->execute()) {
return true;
}
return false;
}
function deauth2FAUserSession()
{
$session = $GLOBALS['user']->sessionCookieID;
$check = $GLOBALS['pdo']->prepare("UPDATE `sessions` SET `twoFactorUnlocked` = 0 WHERE `id` = :session");
$check->bindParam(":session", $session, PDO::PARAM_INT);
if ($check->execute()) {
return true;
}
return false;
}
function attemptSession2FAUnlock($code)
{
$localuser = $GLOBALS['user']->id;
if (!isSession2FAUnlocked()) {
if (verify2FACode($localuser, $code)) {
auth2FAUserSession();
}
}
}
function setBlurb($newblurb)
{
$newblurb = cleanInput($newblurb);
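Review bot: `attemptSession2FAUnlock` accepts an unbounded number of code submissions per session and gives the caller no result, so a wrong code and a correct one are indistinguishable to the page that calls it and nothing in this hunk throttles or logs failed attempts; unless `verify2FACode` (outside the hunk) already enforces a lockout, a six-digit TOTP is guessable by repeated submission. The minimal change is to return the outcome, `return auth2FAUserSession();` on success and `return false;` otherwise, so the caller can count and limit failures. In the same hunk, `isSession2FAUnlocked`, `auth2FAUserSession` and `deauth2FAUserSession` bind `$GLOBALS['user']->sessionCookieID` with `PDO::PARAM_INT`; if that identifier is a non-numeric token rather than an integer row id, the binding coerces it and the queries silently match the wrong or no row, so confirm the `sessions.id` column type and bind with `PDO::PARAM_STR` if it is a string. The trailing `setBlurb` starts in the hunk and continues past it.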