Beispiel #1
 /**
  * Render the two-factor settings page for the selected user.
  *
  * When two-factor is activated, the stored TOTP secret is turned into a
  * QR-code URL and a key URI for the template; otherwise both are empty strings.
  *
  * NOTE(review): both values embed the stored secret, so it is handed to the
  * template on every visit after activation. Consider exposing it only during
  * enrolment. getQrCodeUrl() also appears to return a remote chart-service
  * URL with the secret in its query string; confirm, and prefer rendering
  * the QR code locally.
  *
  * @access public
  */
 public function index()
 {
     $user = $this->getUser();
     $this->checkCurrentUser($user);

     // Authenticator label: the e-mail, or the username when the e-mail is empty.
     $label = $user['email'] ?: $user['username'];

     $qrcodeUrl = '';
     $keyUrl = '';
     if ($user['twofactor_activated'] == 1) {
         $qrcodeUrl = GoogleAuthenticator::getQrCodeUrl('totp', $label, $user['twofactor_secret']);
         $keyUrl = GoogleAuthenticator::getKeyUri('totp', $label, $user['twofactor_secret']);
     }

     $templateValues = array(
         'user' => $user,
         'qrcode_url' => $qrcodeUrl,
         'key_url' => $keyUrl,
     );
     $this->response->html($this->layout('twofactor/index', $templateValues));
 }
Beispiel #2
 /**
  * Start TOTP enrolment: generate a fresh secret and return its QR-code URL.
  *
  * The new secret is written to $_SESSION['user']['totp_secret'].
  *
  * NOTE(review): nothing here shows whether the session value is treated as
  * pending until the user has confirmed a code; verify that it is only
  * persisted to the account after a successful check.
  *
  * @return string QR-code URL for the generated secret
  */
 public function totp()
 {
     $newSecret = GoogleAuthenticator::generateRandom();
     $_SESSION['user']['totp_secret'] = $newSecret;

     // Label shown in the authenticator app: fixed application prefix plus the username.
     $accountLabel = 'GESTCOM CRIDIP ' . $this->username;

     return GoogleAuthenticator::getQrCodeUrl('totp', $accountLabel, $newSecret);
 }
Beispiel #3
 /**
  * Show the two-step enrolment form with a freshly generated secret.
  *
  * Unauthenticated visitors are redirected to the login route.
  *
  * NOTE(review): the secret is handed to the view and is not stored
  * server-side in this method. If the form posts it back to `twostep.store`,
  * that handler would be accepting a client-supplied secret. Confirm, and
  * prefer keeping the pending secret on the server until a code is verified.
  */
 public function enable()
 {
     if (!Auth::check()) {
         return Redirect::to('login');
     }

     $secret = GoogleAuthenticator::generateRandom();

     // Label format: "<url-encoded application name>:<user e-mail>".
     $applicationName = urlencode(Config::get('login::nombreapplicacion'));
     $accountLabel = $applicationName . ':' . Auth::user()->email;
     $qr = GoogleAuthenticator::getQrCodeUrl('totp', $accountLabel, $secret);

     return View::make('login::login')
         ->with('route', 'twostep.store')
         ->with('mainPartial', 'twoStepEnablePartial')
         ->with('footerPartial', 'twoStepPartialEnableFooter')
         ->with('qr', $qr)
         ->with('secret', $secret);
 }
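 /**
  * Tests getQrCodeUrl
  *
  * Covers the default TOTP URL, the HOTP variant with a counter, and custom
  * QR dimensions. The expected values show that the otpauth URI, secret
  * included, travels as the `chl` query parameter of a remote chart service.
  */
 public function testGetQrCodeUrl()
 {
     // Fixed fixture secret, used only by this test.
     $secret = 'MEP3EYVA6XNFNVNM';
     // The label has to be user@host.com: every expected URL encodes it as
     // user%40host.com, so the masked placeholder label could not match.
     $label = 'user@host.com';
     // Standard totp case
     $this->assertEquals('https://chart.googleapis.com/chart?chs=200x200&cht=qr&chld=M|0&chl=otpauth%3A%2F%2Ftotp%2Fuser%40host.com%3Fsecret%3DMEP3EYVA6XNFNVNM', GoogleAuthenticator::getQrCodeUrl('totp', $label, $secret));
     // hotp (include a counter)
     $this->assertEquals('https://chart.googleapis.com/chart?chs=200x200&cht=qr&chld=M|0&chl=otpauth%3A%2F%2Fhotp%2Fuser%40host.com%3Fsecret%3DMEP3EYVA6XNFNVNM%26counter%3D1234', GoogleAuthenticator::getQrCodeUrl('hotp', $label, $secret, 1234));
     // totp, this time with a parameter for changing the size of the QR
     $this->assertEquals('https://chart.googleapis.com/chart?chs=300x300&cht=qr&chld=M|0&chl=otpauth%3A%2F%2Ftotp%2Fuser%40host.com%3Fsecret%3DMEP3EYVA6XNFNVNM', GoogleAuthenticator::getQrCodeUrl('totp', $label, $secret, null, array('height' => 300, 'width' => 300)));
 }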
Beispiel #5
 /**
  * Two-factor authentication setup view.
  *
  * A user who already has a TOTP key is sent back to the profile page with an
  * error message. Otherwise a new secret is generated, stored in the session
  * under `secret`, and the QR-code URL is passed to the `users.totp` view.
  */
 public function totp()
 {
     $user = $this->auth->user();

     $alreadyEnrolled = $user->totp_key != '';
     if ($alreadyEnrolled) {
         return redirect(url('profil'))->with('error', 'L\'authentification à 2 facteurs est déjà activer');
     }

     $secret = GoogleAuthenticator::generateRandom();

     // Label shown in the authenticator app: "<site name> - <user name>".
     $siteName = env('SITE_NAME', 'AltisPan');
     $accountLabel = "{$siteName} - {$user->name}";
     $qrcode = GoogleAuthenticator::getQrCodeUrl('totp', $accountLabel, $secret);

     // The secret itself goes to the session; the view is given the QR-code URL only.
     Session::put('secret', $secret);

     return view('users.totp', ['qrcode' => $qrcode]);
 }
Beispiel #6
use ORM, Otp\GoogleAuthenticator;
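$klein->respond('POST', '/ajax/account/totp', function ($request, $response) use($core) {
    /*
     * Generate the TOTP secret and store it on the current user's row.
     *
     * NOTE(review): the secret is saved before the user has shown they can
     * produce a code from it. If `totp_secret` is also what login checks
     * against, a repeated call replaces a working secret. Confirm, and
     * consider keeping the new value pending until the verify step succeeds.
     */
    $secret = GoogleAuthenticator::generateRandom();
    $account = ORM::forTable('users')->findOne($core->user->getData('id'));
    $account->totp_secret = $secret;
    $account->save();
    /*
     * Generate QR Code
     *
     * Everything interpolated into the markup is HTML-escaped first: the URL
     * is built from the account e-mail and sits inside an attribute.
     */
    $qrCodeUrl = htmlspecialchars(
        GoogleAuthenticator::getQrCodeUrl('totp', $core->user->getData('email'), $secret),
        ENT_QUOTES | ENT_SUBSTITUTE,
        'UTF-8'
    );
    $secretHtml = htmlspecialchars($secret, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    // $core->auth->XSRF() is inserted as-is; presumably it returns ready-made form markup (verify).
    $response->body('<div class="row" id="notice_box_totp" style="display:none;"></div>
	<div class="row">
		<div class="col-md-6">
			<center><img src="' . $qrCodeUrl . '" /><br /><br /><code>' . $secretHtml . '</code></center>
		</div>
		<div class="col-md-6">
			<div class="alert alert-info">Please verify your TOTP settings by scanning the QR Code to the right with your phone\'s authenticator application, and then enter the 6 number code generated by the application in the box below. Press the enter key when finished.</div>
			<form action="#" method="post" id="totp_token_verify">
				<div class="form-group">
					<label class="control-label" for="totp_token">TOTP Token</label>
					<input class="form-control" type="text" id="totp_token" style="" />
				</div>
				' . $core->auth->XSRF() . '
			</form>
		</div>
	</div>')->send();
});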
$klein->respond('POST', '/ajax/account/totp/verify', function ($request, $response) use($core) {
    // Responding with body rather than a flash since this is an AJAX request.
Beispiel #7
 /**
  * Build the QR-code URL for this object's TOTP secret.
  *
  * @access public
  * @param  string $label Account label forwarded to GoogleAuthenticator
  * @return string QR-code URL, or an empty string when no secret is set
  */
 public function getQrCodeUrl($label)
 {
     // No secret configured: there is nothing to encode.
     return empty($this->secret)
         ? ''
         : GoogleAuthenticator::getQrCodeUrl('totp', $label, $this->secret);
 }
Beispiel #8
 /**
  * Build the QR-code URL for this object's TOTP secret, tagged with the
  * configured issuer.
  *
  * @access public
  * @param  string $label Account label forwarded to GoogleAuthenticator
  * @return string QR-code URL, or an empty string when no secret is set
  */
 public function getQrCodeUrl($label)
 {
     if (!empty($this->secret)) {
         // Fourth argument stays null; the issuer travels in the options array.
         return GoogleAuthenticator::getQrCodeUrl(
             'totp',
             $label,
             $this->secret,
             null,
             array('issuer' => TOTP_ISSUER)
         );
     }

     return '';
 }
Beispiel #9
use Base32\Base32;
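// Getting a secret, either by generating or from storage
// DON'T use sessions as storage for this in production!!!
// Start from an empty string (not the integer 0) and accept only string
// session values, so strlen() below is never handed a non-string.
$secret = '';
if (isset($_SESSION['otpsecret']) && is_string($_SESSION['otpsecret'])) {
    $secret = $_SESSION['otpsecret'];
}
// Anything that is not a 16-character secret is replaced by a fresh one.
if (strlen($secret) !== 16) {
    $secret = GoogleAuthenticator::generateRandom();
    $_SESSION['otpsecret'] = $secret;
}
// The secret is now an easily stored Base32 string.
// To use it for TOTP it has to be decoded back into the original value.
$otp = new Otp();
$currentTotp = $otp->totp(Base32::decode($secret));
// Both values below embed the secret; treat them as sensitive as the secret itself.
$qrCode = GoogleAuthenticator::getQrCodeUrl('totp', 'otpsample@cr', $secret);
$keyUri = GoogleAuthenticator::getKeyUri('totp', 'otpsample@cr', $secret);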
?>
<html>
<head>
<title>One Time Passwords Example</title>
</head>
<body>

<h1>One Time Passwords Example</h1>

Secret is <?php 
echo $secret;
?>
. This is saved with the users credentials.
<br />
 /**
  * Thin wrapper that forwards its arguments unchanged to
  * GoogleAuthenticator::getQrCodeUrl().
  *
  * NOTE(review): $realm lands in the library's first parameter, which looks
  * like the OTP type ('totp' / 'hotp') rather than a realm; confirm the naming.
  *
  * @param  string $realm  Passed as the first argument of the library call
  * @param  string $label  Account label
  * @param  string $secret Shared secret to encode
  * @return string Whatever GoogleAuthenticator::getQrCodeUrl() returns
  */
 public function getQrCodeUrl($realm, $label, $secret)
 {
     $qrCodeUrl = GoogleAuthenticator::getQrCodeUrl($realm, $label, $secret);

     return $qrCodeUrl;
 }