/** * Shows the configuration page for this two factor authentication method. * * @param object $otpConfig The two factor auth configuration object * @param integer $user_id The numeric user ID of the user whose form we'll display * * @return boolean|string False if the method is not ours, the HTML of the configuration page otherwise * * @see UsersModelUser::getOtpConfig * @since 3.2 */ public function onUserTwofactorShowConfiguration($otpConfig, $user_id = null) { // Create a new TOTP class with Google Authenticator compatible settings $totp = new FOFEncryptTotp(30, 6, 10); if ($otpConfig->method == $this->methodName) { // This method is already activated. Reuse the same secret key. $secret = $otpConfig->config['code']; } else { // This methods is not activated yet. Create a new secret key. $secret = $totp->generateSecret(); } // These are used by Google Authenticator to tell accounts apart $username = JFactory::getUser($user_id)->username; $hostname = JFactory::getUri()->getHost(); // This is the URL to the QR code for Google Authenticator $url = $totp->getUrl($username, $hostname, $secret); // Is this a new TOTP setup? If so, we'll have to show the code validation field. $new_totp = $otpConfig->method != 'totp'; // Start output buffering @ob_start(); // Include the form.php from a template override. If none is found use the default. $path = FOFPlatform::getInstance()->getTemplateOverridePath('plg_twofactorauth_totp', true); JLoader::import('joomla.filesystem.file'); if (JFile::exists($path . '/form.php')) { include_once $path . '/form.php'; } else { include_once __DIR__ . '/tmpl/form.php'; } // Stop output buffering and get the form contents $html = @ob_get_clean(); // Return the form contents return array('method' => $this->methodName, 'form' => $html); }