* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
use SP\SessionUtil;
define('APP_ROOT', '..');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php';
SP\Request::checkReferer('POST');
$sk = SP\Request::analyze('sk', false);
if (!$sk || !SessionUtil::checkSessionKey($sk)) {
SP\Response::printJSON(_('CONSULTA INVÁLIDA'));
}
$userId = SP\Request::analyze('itemId', 0);
$pin = SP\Request::analyze('security_pin', 0);
$twoFa = new \SP\Auth\Auth2FA($userId, $userLogin);
if ($userId && $pin && $twoFa->verifyKey($pin)) {
\SP\Session::set2FApassed(true);
SP\Response::printJSON(_('Código correcto'), 0, 'sysPassUtil.Common.redirect(\'index.php\')');
} else {
\SP\Session::set2FApassed(false);
SP\Response::printJSON(_('Código incorrecto'));
}
