/**
* @param int $user_id
* @param bool $admin
* @param bool $auto_login
* @param bool $viewonline
* @param string $class
* @return \Symfony\Component\HttpFoundation\Response
* @throws http_exception
*/
public function submit($user_id, $admin, $auto_login, $viewonline, $class)
{
$this->user->add_lang_ext('paul999/tfa', 'common');
if (!check_form_key('tfa_login_page')) {
throw new http_exception(403, 'FORM_INVALID');
}
if (empty($this->user->data['tfa_random']) || $user_id != $this->user->data['tfa_uid']) {
throw new http_exception(400, 'TFA_SOMETHING_WENT_WRONG');
}
$random = $this->request->variable('random', '');
if ($this->user->data['tfa_random'] !== $random || strlen($random) !== 40) {
throw new http_exception(400, 'TFA_SOMETHING_WENT_WRONG');
}
$sql_ary = array('tfa_random' => '', 'tfa_uid' => 0);
$sql = 'UPDATE ' . SESSIONS_TABLE . ' SET ' . $this->db->sql_build_array('UPDATE', $sql_ary) . "\n\t\t\tWHERE\n\t\t\t\tsession_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "' AND\n\t\t\t\tsession_user_id = '" . (int) $this->user->data['user_id'];
$this->db->sql_query($sql);
if (empty($class)) {
throw new http_exception(400, 'TFA_SOMETHING_WENT_WRONG');
}
$module = $this->session_helper->findModule($class);
if ($module == null) {
throw new http_exception(400, 'TFA_SOMETHING_WENT_WRONG');
}
$redirect = $this->request->variable('redirect', "{$this->root_path}/index.{$this->php_ext}");
try {
if (!$module->login($user_id)) {
$this->template->assign_var('S_ERROR', $this->user->lang('TFA_INCORRECT_KEY'));
$this->session_helper->generate_page($user_id, $admin, $auto_login, $viewonline, $redirect);
}
} catch (http_exception $ex) {
if ($ex->getStatusCode() == 400) {
$this->template->assign_var('S_ERROR', $ex->getMessage());
$this->session_helper->generate_page($user_id, $admin, $auto_login, $viewonline, $redirect);
}
}
$old_session_id = $this->user->session_id;
if ($admin) {
$cookie_expire = time() - 31536000;
$this->user->set_cookie('u', '', $cookie_expire);
$this->user->set_cookie('sid', '', $cookie_expire);
}
$result = $this->user->session_create($user_id, $admin, $auto_login, $viewonline);
// Successful session creation
if ($result === true) {
// If admin re-authentication we remove the old session entry because a new one has been created...
if ($admin) {
// the login array is used because the user ids do not differ for re-authentication
$sql = 'DELETE FROM ' . SESSIONS_TABLE . "\n\t\t\t\t\tWHERE session_id = '" . $this->db->sql_escape($old_session_id) . "'\n\t\t\t\t\tAND session_user_id = " . (int) $user_id;
$this->db->sql_query($sql);
redirect(append_sid("{$this->root_path}adm/index.{$this->php_ext}", false, true, $this->user->data['session_id']));
}
redirect(append_sid($redirect, false, true, $this->user->data['session_id']));
}
throw new http_exception(400, 'TFA_SOMETHING_WENT_WRONG');
}
/**
* @param \phpbb\event\data $event
*
* @return \phpbb\event\data $event|null
* @throw http_exception
*/
public function auth_login_session_create_before($event)
{
if ($this->config['tfa_mode'] == session_helper_interface::MODE_DISABLED) {
return $event;
}
if (isset($event['login'], $event['login']['status']) && $event['login']['status'] == LOGIN_SUCCESS) {
// We have a LOGIN_SUCCESS result.
if ($this->session_helper->isTfaRequired($event['login']['user_row']['user_id'], $event['admin'], $event['user_row'])) {
if (!$this->session_helper->isTfaRegistered($event['login']['user_row']['user_id'])) {
// While 2FA is enabled, the user has no methods added.
// We simply return and continue the login procedure (The normal way :)),
// and will disable all pages until he has added a 2FA key.
return $event;
} else {
$this->session_helper->generate_page($event['login']['user_row']['user_id'], $event['admin'], $event['view_online'], !$this->request->is_set_post('viewonline'), $this->request->variable('redirect', ''));
}
}
}
return null;
}
