2FA Dev
parent
c9d7d3b3bf
commit
fa6b694768
|
|
@ -4,6 +4,105 @@ if(!($user->isOwner())) {
|
|||
die();
|
||||
}
|
||||
|
||||
$authenticator = new PHPGangsta_GoogleAuthenticator();
|
||||
|
||||
function safeGenerate2FASecret($username)
|
||||
{
|
||||
$secret = "";
|
||||
while (true) {
|
||||
$secret = $GLOBALS['authenticator']->createSecret();
|
||||
|
||||
$keycheck = $GLOBALS['pdo']->prepare("SELECT * FROM `google_2fa` WHERE `secret` = :ac");
|
||||
$keycheck->bindParam(":ac", $secret, PDO::PARAM_STR);
|
||||
$keycheck->execute();
|
||||
if ($keycheck->rowCount() == 0) {
|
||||
break;
|
||||
}
|
||||
}
|
||||
return $secret;
|
||||
}
|
||||
|
||||
function deleteUser2FA($userid)
|
||||
{
|
||||
$del = $GLOBALS['pdo']->prepare("DELETE FROM `google_2fa` WHERE `userid` = :uid");
|
||||
$del->bindParam(":uid", $userid, PDO::PARAM_INT);
|
||||
$del->execute();
|
||||
}
|
||||
|
||||
function getUser2FASecret($userid)
|
||||
{
|
||||
$code = $GLOBALS['pdo']->prepare("SELECT * FROM `google_2fa` WHERE `userid` = :uid");
|
||||
$code->bindParam(":uid", $userid, PDO::PARAM_INT);
|
||||
$code->execute();
|
||||
if ($code->rowCount() > 0) {
|
||||
return $code->fetch(PDO::FETCH_OBJ)->secret;
|
||||
}
|
||||
}
|
||||
|
||||
function verify2FACode($userid, $code)
|
||||
{
|
||||
$secret = getUser2FASecret($userid);
|
||||
if ($secret) {
|
||||
if ($GLOBALS['authenticator']->verifyCode($secret, $code, 0)) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
function activateUser2FA($userid, $code)
|
||||
{
|
||||
if(verify2FACode($userid, $code)) {
|
||||
$check = $GLOBALS['pdo']->prepare("UPDATE `google_2fa` SET `validated` = 1 WHERE `userid` = :uid");
|
||||
$check->bindParam(":uid", $userid, PDO::PARAM_INT);
|
||||
if ($check->execute()) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
function getUser2FAQR($userid)
|
||||
{
|
||||
$qrcode = $GLOBALS['pdo']->prepare("SELECT * FROM `google_2fa` WHERE `userid` = :uid");
|
||||
$qrcode->bindParam(":uid", $userid, PDO::PARAM_INT);
|
||||
$qrcode->execute();
|
||||
if ($qrcode->rowCount() > 0) {
|
||||
return $qrcode->fetch(PDO::FETCH_OBJ)->qr;
|
||||
}
|
||||
}
|
||||
|
||||
function initialize2FA($userid)
|
||||
{
|
||||
$check = $GLOBALS['pdo']->prepare("SELECT * FROM `google_2fa` WHERE `userid` = :uid");
|
||||
$check->bindParam(":uid", $userid, PDO::PARAM_INT);
|
||||
$check->execute();
|
||||
if ($check->rowCount() > 0) {
|
||||
deleteUser2FA($userid);
|
||||
}
|
||||
|
||||
$username = getUsername($userid);
|
||||
if ($username) {
|
||||
$secret = safeGenerate2FASecret($username);
|
||||
$qrcode = $GLOBALS['authenticator']->getQRCodeGoogleUrl($username, $secret, "alphaland.cc");
|
||||
$new2fa = $GLOBALS['pdo']->prepare("INSERT INTO `google_2fa`(`userid`, `secret`, `qr`, `whenGenerated`) VALUES (:uid, :secret, :qr, UNIX_TIMESTAMP())");
|
||||
$new2fa->bindParam(":uid", $userid, PDO::PARAM_INT);
|
||||
$new2fa->bindParam(":secret", $secret, PDO::PARAM_STR);
|
||||
$new2fa->bindParam(":qr", $qrcode, PDO::PARAM_STR);
|
||||
$new2fa->execute();
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
$username = "Astrologies";
|
||||
|
||||
$g = new \Google\Authenticator\GoogleAuthenticator();
|
||||
$salt = '8c9e27216a6ca82002eeb21db39b8656f3e2daa1dc7719b';
|
||||
$secret = $username.$salt;
|
||||
echo '<img src="'.$g->getURL($username, 'example.com', $secret).'" />';
|
||||
*/
|
||||
|
||||
|
||||
/*
|
||||
$validXML = true;
|
||||
try {
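Review bot: In initialize2FA, `getQRCodeGoogleUrl($username, $secret, "alphaland.cc")` appears to return a URL for an external QR image service with the otpauth URI, including the TOTP secret, in its query string (assuming this is the stock PHPGangsta implementation). That URL is then persisted in the `qr` column and handed back by getUser2FAQR, so rendering it as an image discloses the secret to that third party. I would store only the secret, build the URI server-side, e.g. `$uri = 'otpauth://totp/' . rawurlencode($username) . '?secret=' . $secret . '&issuer=alphaland.cc';`, and render the QR locally. Separately, verify2FACode shows no attempt limit or used-code tracking in this hunk, so a code can be guessed by repeated tries or reused within its time slice unless a caller outside the hunk throttles it.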
|
||||