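/**
 * Validates the submitted two-factor code for users whose two-factor
 * method is "sso_google_authenticator".
 *
 * Does nothing when $userinfo is false or another method is selected.
 * Otherwise the "two_factor_code" frontend field is compared against the
 * one-time codes that sso_login::GetTimeBasedOTP() returns for the current
 * time and for the current time minus/plus the configured "clock_drift".
 * On a mismatch a translated error is appended to $result["errors"].
 *
 * @param array       $result   Result array, modified by reference.
 * @param array|false $userinfo User info with "two_factor_method" and "two_factor_key".
 */
public function TwoFactorCheck(&$result, $userinfo)
{
    if ($userinfo === false || $userinfo["two_factor_method"] != "sso_google_authenticator") {
        return;
    }

    $info = $this->GetInfo();
    $code = SSO_FrontendFieldValue("two_factor_code", "");

    // One timestamp for all three candidates so they cannot straddle a clock tick.
    $now = time();
    $key = $userinfo["two_factor_key"];

    // NOTE(review): only these three time points are tried; presumably
    // "clock_drift" is in seconds and no larger than one 30-second step - confirm.
    $candidates = array(
        sso_login::GetTimeBasedOTP($key, $now / 30),
        sso_login::GetTimeBasedOTP($key, ($now - $info["clock_drift"]) / 30),
        sso_login::GetTimeBasedOTP($key, ($now + $info["clock_drift"]) / 30)
    );

    // Compare every candidate without leaving the loop early and with
    // hash_equals(), so response time does not depend on which candidate
    // matched or on how many leading characters of the code are correct.
    // The is_string() guards keep the strictness of the original !== checks:
    // a non-string candidate never matches an empty submission.
    $valid = false;
    if (is_string($code)) {
        foreach ($candidates as $candidate) {
            if (is_string($candidate) && hash_equals($candidate, $code)) {
                $valid = true;
            }
        }
    }

    // NOTE(review): no attempt limiting or used-code tracking is visible in
    // this method; verify that the caller enforces both.
    if (!$valid) {
        $result["errors"][] = BB_Translate("Invalid two-factor authentication code.");
    }
}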
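/**
 * Sends the two-factor authentication e-mail to the user.
 *
 * Builds HTML and plain-text bodies from the configured templates by
 * replacing @USERNAME@, @EMAIL@ and @TWOFACTOR@, then hands them to
 * SSO_SendEmail(). On failure a translated error is appended to
 * $result["errors"].
 *
 * @param array  $result   Result array, modified by reference.
 * @param object $userrow  User row; "username" and "email" are read.
 * @param array  $userinfo User info; "two_factor_key" is read.
 */
public function SendTwoFactorCode(&$result, $userrow, $userinfo)
{
    // Send the two-factor authentication e-mail.
    $info = $this->GetInfo();

    $fromaddr = BB_PostTranslate($info["email_from"] != "" ? $info["email_from"] : SSO_SMTP_FROM);
    $subject = BB_Translate($info["email_subject"]);

    // NOTE(review): a "window" of 0 would divide by zero here; presumably
    // the configuration is validated when it is saved - confirm.
    $twofactor = sso_login::GetTimeBasedOTP($userinfo["two_factor_key"], time() / $info["window"]);

    $tokens = array("@USERNAME@", "@EMAIL@", "@TWOFACTOR@");

    // Substituted values are HTML-escaped for the HTML body only; the
    // plain-text body receives them verbatim.
    $htmlvalues = array(
        htmlspecialchars($userrow->username),
        htmlspecialchars($userrow->email),
        htmlspecialchars($twofactor)
    );
    $textvalues = array($userrow->username, $userrow->email, $twofactor);

    $htmlmsg = str_ireplace($tokens, $htmlvalues, BB_PostTranslate($info["email_msg"]));
    $textmsg = str_ireplace($tokens, $textvalues, BB_PostTranslate($info["email_msg_text"]));

    $result2 = SSO_SendEmail($fromaddr, $userrow->email, $subject, $htmlmsg, $textmsg);
    if (!$result2["success"]) {
        // The failure detail belongs to the send result ($result2), not to
        // the caller's $result array, which only carries the "errors" list.
        // NOTE(review): this puts the mail transport's error text into a
        // user-visible login error; confirm that level of detail is intended.
        $detail = (isset($result2["error"]) ? $result2["error"] : "");
        $result["errors"][] = BB_Translate("Login exists but a fatal error occurred. Fatal error: Unable to send two-factor authentication e-mail. %s", $detail);
    }
}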