예제 #1
파일: user.php 프로젝트: Satariall/izurit
 /**
  * Finishes a two-step login by checking the one-time password of the user whose login was deferred.
  *
  * The account under verification comes from Otp::getDeferredParams(), not from the arguments:
  * the caller supplies only the OTP, the "remember" choice and the CAPTCHA answer.
  * NOTE(review): presumably the deferred params are kept server-side after the password step;
  * confirm, since USER_ID and REMEMBER read from them decide who gets authorized.
  *
  * @param string $otp          One-time password entered by the user.
  * @param string $remember_otp "Y" sets OTP_REMEMBER to true; any other value sets it to false.
  * @param string $captcha_word CAPTCHA answer, forwarded as CAPTCHA_WORD.
  * @param string $captcha_sid  CAPTCHA identifier, forwarded as CAPTCHA_SID.
  *
  * @return bool|array True once the user is authorized; otherwise array("MESSAGE" => ..., "TYPE" => "ERROR").
  */
 public function LoginByOtp($otp, $remember_otp = "N", $captcha_word = "", $captcha_sid = "")
 {
     // The OTP step exists only when the security module loads and reports a pending OTP check.
     $otpStepPending = CModule::IncludeModule("security") && \Bitrix\Security\Mfa\Otp::isOtpRequired();
     if (!$otpStepPending) {
         $failure = array("MESSAGE" => GetMessage("USER_LOGIN_OTP_ERROR") . "<br>", "TYPE" => "ERROR");
         return $failure;
     }

     // Start from the deferred login data and add what the user just submitted.
     $deferred = \Bitrix\Security\Mfa\Otp::getDeferredParams();
     $deferred["OTP"] = $otp;
     $deferred["OTP_REMEMBER"] = ($remember_otp === "Y");
     $deferred["CAPTCHA_WORD"] = $captcha_word;
     $deferred["CAPTCHA_SID"] = $captcha_sid;

     // Authorize() below is reached only when verification succeeds; every failure gets the same message.
     $verified = \Bitrix\Security\Mfa\Otp::verifyUser($deferred);
     if (!$verified) {
         $failure = array("MESSAGE" => GetMessage("USER_LOGIN_OTP_INCORRECT") . "<br>", "TYPE" => "ERROR");
         return $failure;
     }

     $userId = $deferred["USER_ID"];
     $rememberLogin = ($deferred["REMEMBER"] == "Y");
     $this->Authorize($userId, $rememberLogin);

     return true;
 }
예제 #2
     $arResult["AUTH_URL"] = $APPLICATION->GetCurPageParam("login=yes", array_merge($arParamsToDelete, array("logout_butt", "backurl")));
 }
 // Link targets fall back in a chain: REGISTER_URL defaults to $currentUrl,
 // and FORGOT_PASSWORD_URL defaults to REGISTER_URL.
 $arParams["REGISTER_URL"] = $arParams["REGISTER_URL"] != '' ? $arParams["REGISTER_URL"] : $currentUrl;
 $arParams["FORGOT_PASSWORD_URL"] = $arParams["FORGOT_PASSWORD_URL"] != '' ? $arParams["FORGOT_PASSWORD_URL"] : $arParams["REGISTER_URL"];
 // Current page URL, URL-encoded so it can be appended as the value of the backurl query parameter.
 // NOTE(review): the second argument presumably lists query parameters to drop (here including any
 // incoming backurl); confirm against GetCurPageParam. The code that later redirects to backurl is
 // not visible here; confirm it accepts local paths only.
 $url = urlencode($APPLICATION->GetCurPageParam("", array_merge($arParamsToDelete, array("backurl"))));
 // A custom registration page from the "main" module options, when set, is used as-is:
 // it gets no "register=yes&backurl=" suffix.
 $custom_reg_page = COption::GetOptionString('main', 'custom_register_page');
 $arResult["AUTH_REGISTER_URL"] = $custom_reg_page != '' ? $custom_reg_page : $arParams["REGISTER_URL"] . (strpos($arParams["REGISTER_URL"], "?") !== false ? "&" : "?") . "register=yes&backurl=" . $url;
 $arResult["AUTH_FORGOT_PASSWORD_URL"] = $arParams["FORGOT_PASSWORD_URL"] . (strpos($arParams["FORGOT_PASSWORD_URL"], "?") !== false ? "&" : "?") . "forgot_password=yes&backurl=" . $url;
 $arResult["AUTH_LOGIN_URL"] = $APPLICATION->GetCurPageParam("login_form=yes", $arParamsToDelete);
 // Store every value collected so far twice: passed through htmlspecialcharsbx (Bitrix's HTML-escaping
 // helper) under its own key, and raw under "~key". Output into HTML should use the plain key.
 // Escaping handles HTML metacharacters only; it does not validate the URL itself.
 $arRes = array();
 foreach ($arResult as $key => $value) {
     $arRes[$key] = htmlspecialcharsbx($value);
     $arRes['~' . $key] = $value;
 }
 $arResult = $arRes;
 // Choose the form. Keys assigned from here on are added after the escaping loop above, so they are
 // stored raw and have no "~" twin.
 // The OTP form is used when the security module loads, an OTP check is pending and the request does
 // not carry login_form=yes (the value AUTH_LOGIN_URL adds).
 // NOTE(review): login_form is request-controlled; this condition only selects which form is rendered.
 // Confirm the pending OTP requirement is enforced elsewhere regardless of this parameter.
 if (CModule::IncludeModule("security") && Mfa\Otp::isOtpRequired() && $_REQUEST["login_form"] != "yes") {
     $arResult["FORM_TYPE"] = "otp";
     // Whether the "remember OTP" choice may be offered, per the security module option.
     $arResult["REMEMBER_OTP"] = COption::GetOptionString('security', 'otp_allow_remember') === 'Y';
     // CAPTCHA_CODE stays false unless the OTP step demands a CAPTCHA.
     $arResult["CAPTCHA_CODE"] = false;
     if (Mfa\Otp::isCaptchaRequired()) {
         $arResult["CAPTCHA_CODE"] = $APPLICATION->CaptchaGetCode();
     }
     // Tell the user when the OTP step is forced by a mandatory-OTP policy.
     if (Mfa\Otp::isOtpRequiredByMandatory()) {
         $arResult['ERROR_MESSAGE'] = array("MESSAGE" => GetMessage("system_auth_form_otp_required"), "TYPE" => "ERROR");
     }
 } else {
     $arResult["FORM_TYPE"] = "login";
     // Request variable names to treat specially: credentials, backurl and the auth service id.
     // NOTE(review): presumably these are kept out of the GET/POST values echoed back into the form;
     // the loop body that uses this list is not visible here.
     $arVarExcl = array("USER_LOGIN" => 1, "USER_PASSWORD" => 1, "backurl" => 1, "auth_service_id" => 1);
     $arResult["GET"] = array();
     $arResult["POST"] = array();
     foreach ($_POST as $vname => $vvalue) {
예제 #3
파일: index.php 프로젝트: Levan1209/u136016
}
// Only an explicit POST with action=login is served; anything else gets 403 and the script stops.
if ($_POST['action'] != 'login') {
    CHTTP::SetStatus("403 Forbidden");
    die;
}
IncludeModuleLangFile($_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/im/install/public/desktop_app/login/index.php");
// The password and the one-time code are concatenated and passed as the single password argument.
// NOTE(review): presumably the security module separates the trailing OTP inside Login(); confirm,
// the split is not visible here. Both values come straight from $_POST with no presence check.
$result = $USER->Login($_POST['login'], $_POST['password'] . $_POST['otp']);
// Failure: Login() did not return exactly true, or the user is still not authorized afterwards.
if ($result !== true || !$USER->IsAuthorized()) {
    if (IsModuleInstalled('bitrix24')) {
        // NOTE(review): wildcard CORS on the failure response lets a page from any origin read the
        // body built below (captchaCode, needOtp). Confirm this is intended for the desktop client.
        header('Access-Control-Allow-Origin: *');
    }
    $answer = array("success" => false);
    // Hand the client a CAPTCHA code when the application demands one for this login name.
    if ($APPLICATION->NeedCAPTHAForLogin($_POST['login'])) {
        $answer["captchaCode"] = $APPLICATION->CaptchaGetCode();
    }
    if (CModule::IncludeModule("security") && \Bitrix\Security\Mfa\Otp::isOtpRequired()) {
        //user must enter OTP
        // NOTE(review): presumably set only after login and password were accepted, so this flag
        // tells the caller the first factor was correct. Confirm OTP attempts are rate limited.
        $answer["needOtp"] = true;
    }
    CHTTP::SetStatus("401 Unauthorized");
} else {
    // Success: the response body carries the PHP session id and the Bitrix session token.
    // NOTE(review): both are session secrets; confirm the endpoint is served over TLS only and that
    // responses are not logged.
    $answer = array("success" => true, "sessionId" => session_id(), "bitrixSessionId" => bitrix_sessid());
    // Runs when the client asked to renew its password or supplied an OTP, and the session parameter
    // APPLICATION_ID is null.
    // NOTE(review): presumably null means this login did not itself use an application password; confirm.
    if (($_POST['renew_password'] == 'y' || $_POST['otp'] != '') && $USER->GetParam("APPLICATION_ID") === null) {
        $code = '';
        if (strlen($_POST['user_os_mark']) > 0) {
            // md5 derives a lookup key (CODE) from two client-supplied fields; in the visible lines
            // it is not used as a password hash. The fields are joined without a separator.
            $code = md5($_POST['user_os_mark'] . $_POST['user_account']);
        }
        if ($code != '') {
            // The lookup is scoped to the current user's id, so $code can match only that user's rows.
            $orm = ApplicationPasswordTable::getList(array('select' => array('ID'), 'filter' => array('USER_ID' => $USER->GetID(), 'CODE' => $code)));
            // Delete the existing row with the same code.
            if ($row = $orm->fetch()) {
                ApplicationPasswordTable::delete($row['ID']);
예제 #4
 /**
  * Renders one authentication-related form, chosen from global flags, and by default ends the page.
  *
  * Form selection, first match wins:
  *  - $forgot_password == "yes": password-recovery request form (system.auth.forgotpasswd)
  *  - $change_password == "yes": change-forgotten-password form (system.auth.changepasswd)
  *  - $register == "yes", public section only, option main/new_user_registration == "Y":
  *    registration form (system.auth.registration)
  *  - $confirm_registration === "yes", public section only,
  *    option main/new_user_registration_email_confirmation === "Y":
  *    registration confirmation form (system.auth.confirmation)
  *  - security module loaded, OTP required and $_REQUEST["login_form"] != "yes":
  *    one-time password form (system.auth.otp)
  *  - otherwise: login form (system.auth.authorize), sent with the header "X-Bitrix-Ajax-Status: Authorize"
  *
  * In the public section the form is rendered as the component "bitrix:<name>"; in the admin section
  * the file modules/main/interface/auth/wrapper.php is included instead.
  *
  * The prolog, wrapper and epilog files are included inside this method, so they run in its local
  * scope. For that reason the method first declares every global variable as `global` here.
  *
  * @param mixed  $mess           Message passed to the form as AUTH_RESULT, unless $this->arAuthResult
  *                               already holds an array or a non-empty string (and is not true).
  * @param bool   $show_prolog    Whether to run CMain::PrologActions() and include the prolog file first.
  * @param bool   $show_epilog    Whether to include the epilog file after the form.
  * @param string $not_show_links Passed to the component as NOT_SHOW_LINKS.
  * @param bool   $do_die         Whether to stop script execution after the output.
  *
  * @return void Nothing is returned; with $do_die = true the script terminates inside this method.
  *
  * Example:
  *   // read the current user's permission on the file "/download/document.doc"
  *   $FILE_PERM = $APPLICATION->GetFileAccessPermission("/download/document.doc");
  *   $FILE_PERM = (strlen($FILE_PERM) > 0 ? $FILE_PERM : "D");
  *   // without read permission, show the login form
  *   if ($FILE_PERM < "R") $APPLICATION->AuthForm("You do not have access to this file.");
  *
  * @see https://dev.1c-bitrix.ru/learning/course/index.php?COURSE_ID=43&CHAPTER_ID=04565 Components
  * @see https://dev.1c-bitrix.ru/learning/course/index.php?COURSE_ID=43&LESSON_ID=2819 Access permissions
  * @see http://dev.1c-bitrix.ru/api_help/main/functions/other/showmessage.php ShowMessage
  * @link http://dev.1c-bitrix.ru/api_help/main/reference/cmain/authform.php
  * @author Bitrix
  */
 public function AuthForm($mess, $show_prolog = true, $show_epilog = true, $not_show_links = "N", $do_die = true)
 {
     // Declare every global as `global` in this scope, skipping names that would collide with this
     // method's own parameters and loop variables.
     // NOTE(review): presumably done so the files included below can use globals as plain variables.
     // It also means any global name can shadow a local that is assigned later; confirm.
     $excl = array("excl" => 1, "key" => 1, "GLOBALS" => 1, "mess" => 1, "show_prolog" => 1, "show_epilog" => 1, "not_show_links" => 1, "do_die" => 1);
     foreach ($GLOBALS as $key => $value) {
         if (!array_key_exists($key, $excl)) {
             global ${$key};
         }
     }
     // Admin context: the current directory lies under BX_ROOT/admin/, or ADMIN_SECTION is defined as true.
     // $isAdmin is only ever "" or "_admin"; it is later spliced into include paths.
     if (substr($this->GetCurDir(), 0, strlen(BX_ROOT . "/admin/")) == BX_ROOT . "/admin/" || defined("ADMIN_SECTION") && ADMIN_SECTION === true) {
         $isAdmin = "_admin";
     } else {
         $isAdmin = "";
     }
     // Prefer a result already stored on the object (array or non-empty string, not true) over $mess.
     if (isset($this->arAuthResult) && $this->arAuthResult !== true && (is_array($this->arAuthResult) || strlen($this->arAuthResult) > 0)) {
         $arAuthResult = $this->arAuthResult;
     } else {
         $arAuthResult = $mess;
     }
     /** @global CMain $APPLICATION */
     // NOTE(review): the four form-selector flags are read from globals; presumably they are populated
     // from request parameters, so treat them as untrusted. Here they are only compared with "yes".
     global $APPLICATION, $forgot_password, $change_password, $register, $confirm_registration;
     //page title
     $APPLICATION->SetTitle(GetMessage("AUTH_TITLE"));
     // $inc_file is not read again in this method.
     // NOTE(review): presumably consumed by the included wrapper.php, which shares this scope; confirm.
     $inc_file = "";
     if ($forgot_password == "yes") {
         //pass request form
         $APPLICATION->SetTitle(GetMessage("AUTH_TITLE_SEND_PASSWORD"));
         $comp_name = "system.auth.forgotpasswd";
         $inc_file = "forgot_password";
     } elseif ($change_password == "yes") {
         //pass change form
         $APPLICATION->SetTitle(GetMessage("AUTH_TITLE_CHANGE_PASSWORD"));
         $comp_name = "system.auth.changepasswd";
         $inc_file = "change_password";
     } elseif ($register == "yes" && $isAdmin == "" && COption::GetOptionString("main", "new_user_registration", "N") == "Y") {
         //registration form
         // Offered only outside the admin section and only when self-registration is enabled.
         $APPLICATION->SetTitle(GetMessage("AUTH_TITLE_REGISTER"));
         $comp_name = "system.auth.registration";
     } elseif ($confirm_registration === "yes" && $isAdmin === "" && COption::GetOptionString("main", "new_user_registration_email_confirmation", "N") === "Y") {
         //confirm registration
         $APPLICATION->SetTitle(GetMessage("AUTH_TITLE_CONFIRM"));
         $comp_name = "system.auth.confirmation";
     } elseif (CModule::IncludeModule("security") && \Bitrix\Security\Mfa\Otp::isOtpRequired() && $_REQUEST["login_form"] != "yes") {
         //otp form
         // login_form=yes in the request sends the user to the plain login form instead.
         // NOTE(review): this only selects the form; confirm the OTP requirement is enforced elsewhere.
         $APPLICATION->SetTitle(GetMessage("AUTH_TITLE_OTP"));
         $comp_name = "system.auth.otp";
         $inc_file = "otp";
     } else {
         // Response header sent with the login form.
         header('X-Bitrix-Ajax-Status: Authorize');
         //auth form
         $comp_name = "system.auth.authorize";
         $inc_file = "authorize";
     }
     if ($show_prolog) {
         CMain::PrologActions();
         // define("BX_AUTH_FORM", true);
         // The path is built from DOCUMENT_ROOT, the BX_ROOT constant and $isAdmin ("" or "_admin");
         // no request value is part of it.
         include $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/prolog" . $isAdmin . "_after.php";
     }
     if ($isAdmin == "") {
         // form by Components 2.0
         // $comp_name is always one of the literals assigned above; the template name comes from
         // the main module option auth_components_template.
         $this->IncludeComponent("bitrix:" . $comp_name, COption::GetOptionString("main", "auth_components_template", ""), array("AUTH_RESULT" => $arAuthResult, "NOT_SHOW_LINKS" => $not_show_links));
     } else {
         // Admin section: render through the fixed wrapper file, which runs in this method's scope.
         include $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/interface/auth/wrapper.php";
     }
     if ($show_epilog) {
         include $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/epilog" . $isAdmin . ".php";
     }
     // By default nothing after the form is executed: the protected page content is never reached.
     if ($do_die) {
         die;
     }
 }