Example #1
0
 /**
  * check password function
  * @param string $uid user id
  * @param string $password value of the password
  * @return boolean
  */
 public function checkPassword($uid, $password)
 {
     //print_r($_SERVER);
     OC_Log::write('OC_USER_OTP', __FUNCTION__ . '().', OC_Log::DEBUG);
     $userBackend = $this->getRealBackend($uid);
     if ($userBackend === null) {
         return false;
     }
     // enable change password without ipunt OTP
     if (isset($_SERVER['PATH_INFO']) && $_SERVER['PATH_INFO'] == "/settings/personal/changepassword") {
         return $userBackend->checkPassword($uid, $password);
     }
     //print_r($_SERVER['PATH_INFO']);exit;
     // if access is made by remote.php and option is note set to force mtop, keep standard auth methode
     // this for keep working webdav access and sync apps
     // And news api for android new app
     // And ocsms app, pictures thumbnails, file sharing
     if ((basename($_SERVER['SCRIPT_NAME']) === 'remote.php' || isset($_SERVER['PATH_INFO']) && (preg_match("#^/apps/news/api/v1-2(.*)\$#i", $_SERVER['PATH_INFO']) || preg_match("#^/apps/ocsms(.*)\$#i", $_SERVER['PATH_INFO']) || preg_match("#^/apps/files/api/v1/thumbnail(.*)\$#i", $_SERVER['PATH_INFO']) || preg_match("#^/apps/files_sharing/api/v1/shares(.*)\$#i", $_SERVER['PATH_INFO']))) && OCP\Config::getAppValue('user_otp', 'disableOtpOnRemoteScript', true)) {
         return $userBackend->checkPassword($uid, $password);
     }
     if (OCP\Config::getAppValue('user_otp', 'bypassOtpOnIntranet', false) && isset($_SERVER['REMOTE_ADDR']) && $this->is_private_ip($_SERVER['REMOTE_ADDR'])) {
         OC_Log::write('OC_USER_OTP', 'Skipping OTP for user ' . $uid . ' from private ip ' . $_SERVER['REMOTE_ADDR'], OC_Log::WARN);
         return $userBackend->checkPassword($uid, $password);
     }
     if (!$this->mOtp->CheckUserExists($uid)) {
         OCP\Util::writeLog('OC_USER_OTP', $name . '().', OCP\Util::DEBUG);
         return $userBackend->checkPassword($uid, $password);
     } else {
         $this->mOtp->SetUser($uid);
         $authMethode = OCP\Config::getAppValue('user_otp', 'authMethod', _AUTH_DEFAULT_);
         OCP\Util::writeLog('OC_USER_OTP', $name . '().', OCP\Util::DEBUG);
         switch ($authMethode) {
             case _AUTH_STANDARD_:
                 return $userBackend->checkPassword($uid, $password);
                 break;
             case _AUTH_OTP_OR_STANDARD_:
                 $result = $userBackend->checkPassword($uid, $password);
                 if ($result) {
                     return $result;
                 }
                 // break; no break beacause we try with OTP
             // break; no break beacause we try with OTP
             case _AUTH_OTP_ONLY_:
                 $result = $this->mOtp->CheckToken($password);
                 if ($result === 0) {
                     return $uid;
                 } else {
                     if (isset($this->mOtp->_errors_text[$result])) {
                         echo $this->mOtp->_errors_text[$result];
                     }
                 }
                 return false;
                 break;
             case _AUTH_TWOFACTOR_:
                 if (OCP\Config::getAppValue('user_otp', 'inputOtpAfterPwd', '0') === '1') {
                     $this->mOtp->SetUser($uid);
                     $otpSize = $this->mOtp->GetTokenNumberOfDigits() + strlen($this->mOtp->GetUserPin()) * $this->mOtp->GetUserPrefixPin();
                     $_POST['otpPassword'] = substr($password, -$otpSize);
                     $password = substr($password, 0, strlen($password) - $otpSize);
                     //~ var_dump($this->mOtp->GetUserPrefixPin());
                     //~ var_dump($otpSize);
                     //~ var_dump($password);
                     //~ var_dump($_POST['otpPassword']);
                 }
                 //~ var_dump($password);
                 //~ var_dump($_POST['otpPassword']);
                 //~ exit;
                 if (!isset($_POST['otpPassword']) || $_POST['otpPassword'] === "") {
                     return false;
                 }
                 OCP\Util::writeLog('OC_USER_OTP', $name . '().', OCP\Util::DEBUG);
                 $result = $this->mOtp->CheckToken($_POST['otpPassword']);
                 if ($result === 0) {
                     return $userBackend->checkPassword($uid, $password);
                 } else {
                     if (isset($this->mOtp->_errors_text[$result])) {
                         echo $this->mOtp->_errors_text[$result];
                     }
                 }
                 return false;
                 break;
         }
     }
 }
Example #2
0
 /**
  * check password function
  * @param string $uid user id
  * @param string $password value of the password
  * @return boolean
  */
 public function checkPassword($uid, $password)
 {
     //print_r($_SERVER);
     OC_Log::write('OC_USER_OTP', __FUNCTION__ . '().', OC_Log::DEBUG);
     $userBackend = $this->getRealBackend($uid);
     if ($userBackend === null) {
         return false;
     }
     // enable change password without ipunt OTP
     if ($_SERVER['PATH_INFO'] == "/settings/personal/changepassword") {
         return $userBackend->checkPassword($uid, $password);
     }
     //if access is made by remote.php and option is note set to force mtop, keep standard auth methode
     // this for keep working webdav access and sync apps
     if (basename($_SERVER['SCRIPT_NAME']) === 'remote.php' && OCP\Config::getAppValue('user_otp', 'disableOtpOnRemoteScript', true)) {
         return $userBackend->checkPassword($uid, $password);
     }
     if (!$this->mOtp->CheckUserExists($uid)) {
         OC_Log::write('OC_USER_OTP', 'No OTP for user ' . $uid . ' use user backend', OC_Log::DEBUG);
         return $userBackend->checkPassword($uid, $password);
     } else {
         $this->mOtp->SetUser($uid);
         $authMethode = OCP\Config::getAppValue('user_otp', 'authMethod', _AUTH_DEFAULT_);
         OC_Log::write('OC_USER_OTP', 'used auth method : ' . $authMethode, OC_Log::DEBUG);
         switch ($authMethode) {
             case _AUTH_STANDARD_:
                 return $userBackend->checkPassword($uid, $password);
                 break;
             case _AUTH_OTP_OR_STANDARD_:
                 $result = $userBackend->checkPassword($uid, $password);
                 if ($result) {
                     return $result;
                 }
                 // break; no break beacause we try with OTP
             // break; no break beacause we try with OTP
             case _AUTH_OTP_ONLY_:
                 $result = $this->mOtp->CheckToken($password);
                 if ($result === 0) {
                     return $uid;
                 } else {
                     if (isset($this->mOtp->_errors_text[$result])) {
                         echo $this->mOtp->_errors_text[$result];
                     }
                 }
                 return false;
                 break;
             case _AUTH_TWOFACTOR_:
                 if (OCP\Config::getAppValue('user_otp', 'inputOtpAfterPwd', '0') === '1') {
                     $this->mOtp->SetUser($uid);
                     $otpSize = $this->mOtp->GetTokenNumberOfDigits() + strlen($this->mOtp->GetUserPin()) * $this->mOtp->GetUserPrefixPin();
                     $_POST['otpPassword'] = substr($password, -$otpSize);
                     $password = substr($password, 0, strlen($password) - $otpSize);
                     //~ var_dump($this->mOtp->GetUserPrefixPin());
                     //~ var_dump($otpSize);
                     //~ var_dump($password);
                     //~ var_dump($_POST['otpPassword']);
                 }
                 //~ var_dump($password);
                 //~ var_dump($_POST['otpPassword']);
                 //~ exit;
                 if (!isset($_POST['otpPassword']) || $_POST['otpPassword'] === "") {
                     return false;
                 }
                 OC_Log::write('OC_USER_OTP', 'used OTP : ' . $_POST['otpPassword'], OC_Log::DEBUG);
                 $result = $this->mOtp->CheckToken($_POST['otpPassword']);
                 if ($result === 0) {
                     return $userBackend->checkPassword($uid, $password);
                 } else {
                     if (isset($this->mOtp->_errors_text[$result])) {
                         echo $this->mOtp->_errors_text[$result];
                     }
                 }
                 return false;
                 break;
         }
     }
 }