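/**
 * Prepare the mobile-app second factor for the login in progress.
 *
 * A request whose User-Agent contains "Mobi" is switched to the soft-token
 * (passcode) prompt. Any other request asks the miniOrange service for a
 * QR-code challenge. The chosen challenge is recorded in $_SESSION.
 *
 * @param object $user User being logged in; only ->ID is read here.
 * @return WP_Error|null WP_Error when no challenge could be created, otherwise null.
 */
function mo2f_pass2login_mobile_verification($user)
 {
     // The User-Agent header is optional and entirely client-controlled. It only
     // picks which prompt is shown, so it must not be read as proof of the
     // device type: the client effectively chooses between the two challenges.
     $useragent = isset($_SERVER['HTTP_USER_AGENT']) ? (string) $_SERVER['HTTP_USER_AGENT'] : '';

     if (strpos($useragent, 'Mobi') !== false) {
         // Discard any QR challenge left in the session so it cannot be
         // answered after the flow has switched to the passcode prompt.
         unset($_SESSION['mo2f-login-qrCode'], $_SESSION['mo2f-login-transactionId']);
         $_SESSION['mo2f-login-message'] = 'Please enter the one time passcode shown in the miniOrange Authenticator app.';
         $_SESSION['mo_2factor_login_status'] = 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN';
         return;
     }

     $challengeMobile = new Customer_Setup();
     $content = $challengeMobile->send_otp_token(
         get_user_meta($user->ID, 'mo_2factor_map_id_with_email', true),
         'MOBILE AUTHENTICATION',
         get_option('mo2f_customerKey'),
         get_option('mo2f_api_key')
     );
     $response = json_decode($content, true);

     // A body such as "null" or "5" decodes without a JSON error, so the shape
     // is checked explicitly before any key is read.
     $status = (is_array($response) && isset($response['status'])) ? $response['status'] : null;

     // Strict comparison: with ==, a non-string status (true, or 0 on PHP < 8)
     // would compare equal to 'SUCCESS'.
     if ($status === 'SUCCESS' && isset($response['qrCode'], $response['txId'])) {
         $_SESSION['mo2f-login-qrCode'] = $response['qrCode'];
         $_SESSION['mo2f-login-transactionId'] = $response['txId'];
         $_SESSION['mo_2factor_login_status'] = 'MO_2_FACTOR_CHALLENGE_MOBILE_AUTHENTICATION';
         return;
     }

     // Fail closed. An explicit ERROR, invalid JSON, an unexpected status or a
     // SUCCESS without challenge data all end here. Previously an unexpected
     // status returned null and left the session's challenge state untouched.
     $this->remove_current_activity();
     $error = new WP_Error();
     // The 'empty_username' code is kept unchanged because callers may match on it.
     $error->add('empty_username', __('<strong>ERROR</strong>: An error occured while processing your request. Please Try again.'));
     return $error;
 }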
コード例 #2
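 /**
  * Register the site with miniOrange, or recover the keys of an existing account,
  * and persist the returned credentials.
  *
  * Credentials are stored only when the service response actually contains
  * them. An undecodable or incomplete response is reported as an error instead
  * of being recorded as a successful registration with empty keys.
  *
  * NOTE(review): no capability check is visible in this method; confirm the
  * caller restricts it to administrators.
  *
  * @param object $current_user User performing the registration; only ->ID is read here.
  * @return void
  */
 function mo2f_create_customer($current_user)
 {
     // Clear the per-user SMS and email OTP counters.
     delete_user_meta($current_user->ID, 'mo2f_sms_otp_count');
     delete_user_meta($current_user->ID, 'mo2f_email_otp_count');

     $customer = new Customer_Setup();
     $customerKey = json_decode($customer->create_customer(), true);

     if (!is_array($customerKey)) {
         // Invalid JSON or a non-object body. The original read keys from it
         // anyway and fell through to the success branch.
         update_option('mo2f_message', 'An error occurred while processing your request. Please try again.');
         $this->mo_auth_show_error_message();
         return;
     }

     $status = (isset($customerKey['status']) && is_string($customerKey['status'])) ? $customerKey['status'] : '';

     if ($status === 'ERROR') {
         // NOTE(review): this text comes from the remote service and is stored
         // as-is; confirm it is escaped where mo2f_message is rendered.
         update_option('mo2f_message', isset($customerKey['message']) ? $customerKey['message'] : '');
         $this->mo_auth_show_error_message();
         return;
     }

     if (strcasecmp($status, 'CUSTOMER_USERNAME_ALREADY_EXISTS') == 0) {
         // The admin already exists in miniOrange: fetch the existing keys.
         $existing = json_decode($customer->get_customer_key(), true);

         if (is_array($existing) && isset($existing['status']) && $existing['status'] === 'ERROR') {
             update_option('mo2f_message', isset($existing['message']) ? $existing['message'] : '');
             $this->mo_auth_show_error_message();
             return;
         }

         if (!$this->mo2f_response_has_customer_keys($existing)) {
             // Undecodable or incomplete reply: treat it as a failed credential check.
             update_option('mo2f_message', 'Invalid email or password. Please try again.');
             update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_VERIFY_CUSTOMER');
             $this->mo_auth_show_error_message();
             return;
         }

         $this->mo2f_persist_customer_registration($current_user, $existing);
         update_option('mo2f_message', 'Your account has been retrieved successfully. <b>Email Verification</b> has been set as your default 2nd factor method. <a href=\\"admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mobile_configure\\" >Click Here </a>to configure another 2nd factor authentication method.');
         $this->mo_auth_show_success_message();
         return;
     }

     if (!$this->mo2f_response_has_customer_keys($customerKey)) {
         // Any other status used to be treated as success; require the keys instead.
         update_option('mo2f_message', 'An error occurred while processing your request. Please try again.');
         $this->mo_auth_show_error_message();
         return;
     }

     $this->mo2f_persist_customer_registration($current_user, $customerKey);
     update_option('mo2f_message', 'Your account has been created successfully. <b>Email Verification</b> has been set as your default 2nd factor method. <a href=\\"admin.php?page=miniOrange_2_factor_settings&amp;mo2f_tab=mobile_configure\\" >Click Here </a>to configure another 2nd factor authentication method.');
     $this->mo_auth_show_success_message();
     // NOTE(review): the redirect target is a fixed relative URL. The header is
     // only sent if no output has started, and execution continues afterwards.
     header('Location: admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_pricing');
 }

 /**
  * Tell whether a decoded service response carries all four customer credentials.
  *
  * @param mixed $response Decoded JSON response.
  * @return bool True when id, apiKey, token and appSecret are all non-empty scalars.
  */
 private function mo2f_response_has_customer_keys($response)
 {
     if (!is_array($response)) {
         return false;
     }
     foreach (array('id', 'apiKey', 'token', 'appSecret') as $field) {
         if (!isset($response[$field]) || !is_scalar($response[$field]) || $response[$field] === '') {
             return false;
         }
     }
     return true;
 }

 /**
  * Store the customer credentials and mark the admin as registered with
  * email verification as the default second factor.
  *
  * The API key, token and app secret are written to the options table, so
  * anything that can read that table can read them.
  *
  * @param object $current_user User performing the registration; only ->ID is read here.
  * @param array  $customerKey  Response already checked by mo2f_response_has_customer_keys().
  * @return void
  */
 private function mo2f_persist_customer_registration($current_user, $customerKey)
 {
     update_option('mo2f_customerKey', $customerKey['id']);
     update_option('mo2f_api_key', $customerKey['apiKey']);
     update_option('mo2f_customer_token', $customerKey['token']);
     update_option('mo2f_app_secret', $customerKey['appSecret']);
     update_option('mo2f_miniorange_admin', $current_user->ID);
     // The stored registration password is removed once the keys are saved.
     delete_option('mo2f_password');
     update_option('mo_2factor_admin_registration_status', 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS');
     update_user_meta($current_user->ID, 'mo_2factor_user_registration_with_miniorange', 'SUCCESS');
     update_user_meta($current_user->ID, 'mo_2factor_map_id_with_email', get_option('mo2f_email'));
     update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_PLUGIN_SETTINGS');
     $enduser = new Two_Factor_Setup();
     $enduser->mo2f_update_userinfo(get_user_meta($current_user->ID, 'mo_2factor_map_id_with_email', true), 'OUT OF BAND EMAIL', null, 'API_2FA', true);
     update_user_meta($current_user->ID, 'mo2f_email_verification_status', true);
 }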
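 /**
  * Handle the "validate OTP" form submitted by a non-admin user during
  * registration of their second factor.
  *
  * Users with the manage_options capability are ignored here. For other users
  * the posted one-time passcode is checked against the pending transaction
  * stored in user meta; on success the user is created via mo2f_create_user().
  *
  * NOTE(review): no nonce is verified in this method. Unless the caller already
  * does so, confirm a nonce check (wp_verify_nonce() / check_admin_referer())
  * runs before this POST is acted on.
  *
  * @return void
  */
 function miniorange_user_save_settings()
 {
     global $current_user;
     // get_currentuserinfo() is deprecated; wp_get_current_user() fills the same global.
     $current_user = wp_get_current_user();

     if (current_user_can('manage_options')) {
         return;
     }
     // Strict comparison also rejects an array-valued "option" field.
     if (!isset($_POST['option']) || $_POST['option'] !== 'mo_2factor_validate_user_otp') {
         return;
     }

     // Validate the passcode before use: it must be present and a plain string.
     $raw_otp = isset($_POST['otp_token']) ? $_POST['otp_token'] : null;
     if (!is_string($raw_otp) || MO2f_Utility::mo2f_check_empty_or_null($raw_otp)) {
         update_option('mo2f_message', 'All the fields are required. Please enter valid entries.');
         $this->mo_auth_show_error_message();
         return;
     }
     $otp_token = sanitize_text_field($raw_otp);

     $user_email = get_user_meta($current_user->ID, 'mo_2factor_user_email', true);
     if (MO2f_Utility::check_if_email_is_already_registered($user_email)) {
         update_option('mo2f_message', 'The email is already used by other user. Please register with other email by clicking on Back button.');
         $this->mo_auth_show_error_message();
         return;
     }

     $customer = new Customer_Setup();
     $transactionId = get_user_meta($current_user->ID, 'mo_2fa_verify_otp_create_account', true);
     $content = json_decode($customer->validate_otp_token('EMAIL', null, $transactionId, $otp_token, get_option('mo2f_customerKey'), get_option('mo2f_api_key')), true);

     // An undecodable or malformed reply becomes an empty status, which takes
     // the "invalid OTP" branch below, so nothing is created on a bad response.
     $status = (is_array($content) && isset($content['status']) && is_string($content['status'])) ? $content['status'] : '';

     if ($status === 'ERROR') {
         // NOTE(review): the service-supplied text is stored as-is, and unlike
         // the other failure paths no error notice is triggered here; confirm
         // both are intended.
         update_option('mo2f_message', isset($content['message']) ? $content['message'] : 'Invalid OTP. Please try again.');
     } elseif (strcasecmp($status, 'SUCCESS') == 0) {
         // OTP validated: continue with user creation.
         $this->mo2f_create_user($current_user, $user_email);
     } else {
         // OTP validation failed.
         update_option('mo2f_message', 'Invalid OTP. Please try again.');
         update_user_meta($current_user->ID, 'mo_2factor_user_registration_status', 'MO_2_FACTOR_OTP_DELIVERED_FAILURE');
         $this->mo_auth_show_error_message();
     }

     // The pending transaction is removed after every attempt, whatever the
     // outcome, so a transaction id cannot be retried with further guesses.
     delete_user_meta($current_user->ID, 'mo_2fa_verify_otp_create_account');
 }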