Example #1
<?php

include_once __DIR__ . "/../lib/Google/Authenticator/FixedBitNotation.php";
include_once __DIR__ . "/../lib/Google/Authenticator/GoogleAuthenticator.php";
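// Demo values only. In a real deployment each user has their own secret, kept
// in protected storage; it is never hard-coded, logged, or echoed back.
$secret = 'XVQ2UIGO75XRUKJO';
$code = "846474";
$g = new \Google\Authenticator\GoogleAuthenticator();

// Show the code the library derives from the secret for the current moment.
print "Current Code is: ";
print $g->getCode($secret);
print "\n";

// Verify a submitted code against the secret. The fixed sample code above is
// expected to fail unless it happens to match the current time step.
print "Check if {$code} is valid: ";
if ($g->checkCode($secret, $code)) {
    print "YES \n";
} else {
    print "NO \n";
}

// Enrolment: create a fresh secret and the URL used to present it as a QR code.
$secret = $g->generateSecret();
print "Get a new Secret: {$secret} \n";
print "The QR Code for this secret (to scan with the Google Authenticator App): \n";
// NOTE(review): getURL() appears to return a link to a hosted QR-image service
// (verify for the installed library version). If so, the enrolment data, secret
// included, travels in a request to that service; rendering the QR code locally
// keeps the secret inside the application.
print $g->getURL('chregu', 'example.org', $secret);
print "\n";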
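 /**
  * Confirms the one-time MFA code for an already-resolved user.
  *
  * Users without MFA enabled are returned unchanged. For users with MFA
  * enabled, the submitted code must equal the code derived from the stored
  * secret for the current time step.
  *
  * @param object $user        Record exposing mfa_enabled and mfa_secret.
  * @param array  $credentials Submitted credentials; the one-time code is read from 'code'.
  *
  * @return object The same $user once the check passes.
  *
  * @throws Exception If MFA is enabled but no secret is stored, or the code is missing or wrong.
  */
 public function confirmUserByCredentials($user, array $credentials)
 {
     if (!$user->mfa_enabled) {
         return $user;
     }
     if (!$user->mfa_secret) {
         throw new Exception('User has not generated an MFA code.');
     }
     require_once __DIR__ . "/../vendor/sonata-project/google-authenticator/lib/FixedBitNotation.php";
     require_once __DIR__ . "/../vendor/sonata-project/google-authenticator/lib/GoogleAuthenticator.php";
     $g = new \Google\Authenticator\GoogleAuthenticator();
     $expected = (string) $g->getCode($user->mfa_secret);

     // Normalise the submitted value to a string; a missing or non-scalar
     // value (for example an array from form input) is treated as no code.
     $submitted = '';
     if (isset($credentials['code']) && is_scalar($credentials['code'])) {
         $submitted = (string) $credentials['code'];
     }

     // Compare as exact strings in constant time. A loose != on two numeric
     // strings compares them as numbers, so "012345" would equal "12345" and
     // "1e3" would equal "1000"; hash_equals() has no such coercion and does
     // not leak how many leading characters matched.
     if ($submitted === '' || !hash_equals($expected, $submitted)) {
         throw new Exception('A user was not found with the given credentials.');
     }

     // NOTE(review): only the current time step is accepted and nothing here
     // limits repeated attempts or rejects a code that was already used.
     // Attempt throttling and replay tracking belong with the caller or a
     // shared store; the library's checkCode() may be preferable if tolerance
     // for small clock drift is wanted (confirm its window before switching).
     return $user;
 }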
Example #3
        $user = $_SESSION['user'];
        $user->setSecret($secret);
        $mapper = $app->userMapper;
        $mapper->save($user);
        $app->flash('message', 'Successfully set up two factor authentication!');
        $app->redirect('/');
    }
    $app->flash('error', 'Failed to confirm code');
    $app->redirect('/setup2fa');
});
// GET /auth2fa: render the form that asks for the one-time code.
$app->get('/auth2fa', function () use ($app) {
    // NOTE(review): the pending user is read from the session but never
    // inspected, so the form is rendered even when no login is in progress
    // (and reading the missing key raises a notice). Confirm whether a guard
    // that sends such requests back to the login step is wanted here.
    $pendingUser = $_SESSION['user_in_progress'];

    $app->render('auth2fa.twig');
});
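// POST /auth2fa: verify the submitted one-time code and, on success, promote
// the pending user in the session to the logged-in user.
$app->post('/auth2fa', function () use ($app) {
    $pendingUser = isset($_SESSION['user_in_progress']) ? $_SESSION['user_in_progress'] : null;
    $code = $app->request->post('code');

    // A request with no pending user, or with a missing, empty or non-string
    // code, takes the same failure path as a wrong code instead of calling
    // getSecret() on null or handing an array to checkCode().
    if ($pendingUser !== null && is_string($code) && $code !== '') {
        $g = new \Google\Authenticator\GoogleAuthenticator();
        if ($g->checkCode($pendingUser->getSecret(), $code)) {
            // The session is about to become an authenticated one: issue a
            // new session id so an id that existed before login cannot be
            // carried over into the logged-in state.
            session_regenerate_id(true);
            $_SESSION['user'] = $pendingUser;
            unset($_SESSION['user_in_progress']);
            $app->flash('message', 'Successfully logged in using two factor authentication!');
            $app->redirect('/');
            // Explicit stop: the failure handling below must never run after
            // a success, whether or not redirect() halts the request itself.
            return;
        }
    }

    // NOTE(review): failed attempts are not counted, so a six-digit code can
    // be guessed repeatedly for as long as the pending login stays in the
    // session. Add an attempt limit (and drop user_in_progress when it is
    // reached), and consider rejecting a code that was already accepted.
    $app->flash('error', 'Failed to confirm code');
    $app->redirect('/auth2fa');
});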
// Run the application: the request is dispatched to the routes registered on $app.
$app->run();
Example #4
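 // Logout: clear the session data, destroy the session, send the browser back
 // to the start screen, and stop processing this request.
 // NOTE(review): logout is triggered by a plain GET parameter, so a cross-site
 // link or image request can end a user's session; a POST with a CSRF token
 // avoids that. Any "remember the token" cookie is not cleared here either;
 // confirm whether logout should revoke it.
 if (isset($_GET['logout'])) {
     // session_destroy() removes the stored data but leaves $_SESSION populated
     // for the rest of the request, so empty it explicitly first.
     $_SESSION = array();
     session_destroy();
     header("Location: ./");
     // header() does not end the script. Without exit the code below would
     // still run and could emit the logged-in page in the body of the redirect.
     exit;
 }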
 // check if the user is logged in.
 if ($user->isLoggedIn()) {
     include __DIR__ . "/../tmpl/loggedin.php";
     //show the QR code if whished so
     if (isset($_GET['showqr'])) {
         $secret = $user->getSecret();
         include __DIR__ . "/../tmpl/show-qr.php";
     }
 } else {
     if ($user->isOTP() && isset($_POST['otp'])) {
         $g = new \Google\Authenticator\GoogleAuthenticator();
         // check if the submitted token is the right one and log in
         if ($g->checkCode($user->getSecret(), $_POST['otp'])) {
             // do log-in the user
             $user->doLogin();
             //if the user clicked the "remember the token" checkbox, set the cookie
             if (isset($_POST['remember']) && $_POST['remember']) {
                 $user->setOTPCookie();
             }
             include __DIR__ . "/../tmpl/loggedin.php";
         } else {
             session_destroy();
             include __DIR__ . "/../tmpl/login-error.php";
         }
     } else {
         session_destroy();