* it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * sysPass is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with sysPass. If not, see <http://www.gnu.org/licenses/>. * */ use SP\SessionUtil; define('APP_ROOT', '..'); require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php'; SP\Request::checkReferer('POST'); $sk = SP\Request::analyze('sk', false); if (!$sk || !SessionUtil::checkSessionKey($sk)) { SP\Response::printJSON(_('CONSULTA INVÁLIDA')); } $userId = SP\Request::analyze('itemId', 0); $pin = SP\Request::analyze('security_pin', 0); $twoFa = new \SP\Auth\Auth2FA($userId, $userLogin); if ($userId && $pin && $twoFa->verifyKey($pin)) { \SP\Session::set2FApassed(true); SP\Response::printJSON(_('Código correcto'), 0, 'sysPassUtil.Common.redirect(\'index.php\')'); } else { \SP\Session::set2FApassed(false); SP\Response::printJSON(_('Código incorrecto')); }