/**
 * Finishes a login that is waiting on a one-time password (second factor).
 *
 * The caller-supplied OTP and captcha values are added to the deferred
 * parameters returned by Otp::getDeferredParams() and the combined set is
 * passed to Otp::verifyUser(). The account that is authorized is the USER_ID
 * held in those deferred parameters; this method takes no user identifier
 * as an argument.
 *
 * @param string $otp          One-time password as entered by the user (type is not enforced here).
 * @param string $remember_otp Exactly "Y" sets OTP_REMEMBER to true; any other value sets it to false.
 * @param string $captcha_word Captcha answer, forwarded as CAPTCHA_WORD.
 * @param string $captcha_sid  Captcha identifier, forwarded as CAPTCHA_SID.
 *
 * @return array|bool true once Authorize() has been called; otherwise an array
 *                    with "MESSAGE" and "TYPE" => "ERROR".
 */
public function LoginByOtp($otp, $remember_otp = "N", $captcha_word = "", $captcha_sid = "")
{
    // An OTP can only be checked when the security module loads and an OTP step is pending.
    $otpStepPending = CModule::IncludeModule("security") && \Bitrix\Security\Mfa\Otp::isOtpRequired();
    if (!$otpStepPending) {
        return array(
            "MESSAGE" => GetMessage("USER_LOGIN_OTP_ERROR") . "<br>",
            "TYPE" => "ERROR",
        );
    }

    // Start from the deferred login state and add what the user just submitted.
    $deferred = \Bitrix\Security\Mfa\Otp::getDeferredParams();
    $deferred["OTP"] = $otp;
    $deferred["OTP_REMEMBER"] = ($remember_otp === "Y");
    $deferred["CAPTCHA_WORD"] = $captcha_word;
    $deferred["CAPTCHA_SID"] = $captcha_sid;

    // Verification failure yields one message; the visible code does not say
    // whether the OTP or the captcha was the part that failed.
    $verified = \Bitrix\Security\Mfa\Otp::verifyUser($deferred);
    if (!$verified) {
        return array(
            "MESSAGE" => GetMessage("USER_LOGIN_OTP_INCORRECT") . "<br>",
            "TYPE" => "ERROR",
        );
    }

    // Identity and the "remember me" flag are read from the deferred params, not from the arguments.
    $userId = $deferred["USER_ID"];
    $rememberSession = ($deferred["REMEMBER"] == "Y");

    // NOTE(review): the result of Authorize() is not inspected; true is returned
    // as soon as the OTP check passes. Confirm Authorize() cannot fail silently.
    $this->Authorize($userId, $rememberSession);

    return true;
}
$arResult["AUTH_URL"] = $APPLICATION->GetCurPageParam("login=yes", array_merge($arParamsToDelete, array("logout_butt", "backurl"))); } $arParams["REGISTER_URL"] = $arParams["REGISTER_URL"] != '' ? $arParams["REGISTER_URL"] : $currentUrl; $arParams["FORGOT_PASSWORD_URL"] = $arParams["FORGOT_PASSWORD_URL"] != '' ? $arParams["FORGOT_PASSWORD_URL"] : $arParams["REGISTER_URL"]; $url = urlencode($APPLICATION->GetCurPageParam("", array_merge($arParamsToDelete, array("backurl")))); $custom_reg_page = COption::GetOptionString('main', 'custom_register_page'); $arResult["AUTH_REGISTER_URL"] = $custom_reg_page != '' ? $custom_reg_page : $arParams["REGISTER_URL"] . (strpos($arParams["REGISTER_URL"], "?") !== false ? "&" : "?") . "register=yes&backurl=" . $url; $arResult["AUTH_FORGOT_PASSWORD_URL"] = $arParams["FORGOT_PASSWORD_URL"] . (strpos($arParams["FORGOT_PASSWORD_URL"], "?") !== false ? "&" : "?") . "forgot_password=yes&backurl=" . $url; $arResult["AUTH_LOGIN_URL"] = $APPLICATION->GetCurPageParam("login_form=yes", $arParamsToDelete); $arRes = array(); foreach ($arResult as $key => $value) { $arRes[$key] = htmlspecialcharsbx($value); $arRes['~' . $key] = $value; } $arResult = $arRes; if (CModule::IncludeModule("security") && Mfa\Otp::isOtpRequired() && $_REQUEST["login_form"] != "yes") { $arResult["FORM_TYPE"] = "otp"; $arResult["REMEMBER_OTP"] = COption::GetOptionString('security', 'otp_allow_remember') === 'Y'; $arResult["CAPTCHA_CODE"] = false; if (Mfa\Otp::isCaptchaRequired()) { $arResult["CAPTCHA_CODE"] = $APPLICATION->CaptchaGetCode(); } if (Mfa\Otp::isOtpRequiredByMandatory()) { $arResult['ERROR_MESSAGE'] = array("MESSAGE" => GetMessage("system_auth_form_otp_required"), "TYPE" => "ERROR"); } } else { $arResult["FORM_TYPE"] = "login"; $arVarExcl = array("USER_LOGIN" => 1, "USER_PASSWORD" => 1, "backurl" => 1, "auth_service_id" => 1); $arResult["GET"] = array(); $arResult["POST"] = array(); foreach ($_POST as $vname => $vvalue) {
} if ($_POST['action'] != 'login') { CHTTP::SetStatus("403 Forbidden"); die; } IncludeModuleLangFile($_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/im/install/public/desktop_app/login/index.php"); $result = $USER->Login($_POST['login'], $_POST['password'] . $_POST['otp']); if ($result !== true || !$USER->IsAuthorized()) { if (IsModuleInstalled('bitrix24')) { header('Access-Control-Allow-Origin: *'); } $answer = array("success" => false); if ($APPLICATION->NeedCAPTHAForLogin($_POST['login'])) { $answer["captchaCode"] = $APPLICATION->CaptchaGetCode(); } if (CModule::IncludeModule("security") && \Bitrix\Security\Mfa\Otp::isOtpRequired()) { //user must enter OTP $answer["needOtp"] = true; } CHTTP::SetStatus("401 Unauthorized"); } else { $answer = array("success" => true, "sessionId" => session_id(), "bitrixSessionId" => bitrix_sessid()); if (($_POST['renew_password'] == 'y' || $_POST['otp'] != '') && $USER->GetParam("APPLICATION_ID") === null) { $code = ''; if (strlen($_POST['user_os_mark']) > 0) { $code = md5($_POST['user_os_mark'] . $_POST['user_account']); } if ($code != '') { $orm = ApplicationPasswordTable::getList(array('select' => array('ID'), 'filter' => array('USER_ID' => $USER->GetID(), 'CODE' => $code))); if ($row = $orm->fetch()) { ApplicationPasswordTable::delete($row['ID']);
/**
 * Renders one of the authentication-related forms, chosen from page parameters
 * and site settings, and by default terminates the page afterwards.
 *
 * The branches are tested in this order; the first match wins:
 *
 *   $forgot_password == "yes"       system.auth.forgotpasswd  (request a password reset)
 *   $change_password == "yes"       system.auth.changepasswd  (set a new password)
 *   $register == "yes"              system.auth.registration  (public section only, and only
 *                                   when option main/new_user_registration is "Y")
 *   $confirm_registration === "yes" system.auth.confirmation  (public section only, and only when
 *                                   option main/new_user_registration_email_confirmation is "Y")
 *   OTP step pending                system.auth.otp           (security module loaded,
 *                                   Otp::isOtpRequired() is true and the request does not
 *                                   carry login_form=yes)
 *   otherwise                       system.auth.authorize     (login form; the header
 *                                   "X-Bitrix-Ajax-Status: Authorize" is sent first)
 *
 * In the public section the chosen component is included with the template named by
 * option main/auth_components_template. In the admin section
 * /modules/main/interface/auth/wrapper.php is included instead.
 *
 * @param mixed  $mess           Message passed to the form as AUTH_RESULT. It is replaced by
 *                               $this->arAuthResult when that property is set, is not true,
 *                               and is an array or a non-empty string.
 * @param bool   $show_prolog    When true, runs CMain::PrologActions() and includes the
 *                               prolog "_after" file for the current section.
 * @param bool   $show_epilog    When true, includes the epilog file for the current section.
 * @param string $not_show_links Passed to the component as NOT_SHOW_LINKS.
 * @param bool   $do_die         When true, script execution stops after the form is output.
 *
 * @return void No value is returned.
 *
 * Example:
 *   // read permission of the current user on "/download/document.doc"
 *   $FILE_PERM = $APPLICATION->GetFileAccessPermission("/download/document.doc");
 *   $FILE_PERM = (strlen($FILE_PERM) > 0 ? $FILE_PERM : "D");
 *   // without read permission, show the authorization form
 *   if ($FILE_PERM < "R") $APPLICATION->AuthForm("You do not have access to this file.");
 *
 * See also:
 *   Components:    https://dev.1c-bitrix.ru/learning/course/index.php?COURSE_ID=43&CHAPTER_ID=04565
 *   Access rights: https://dev.1c-bitrix.ru/learning/course/index.php?COURSE_ID=43&LESSON_ID=2819
 *   ShowMessage:   http://dev.1c-bitrix.ru/api_help/main/functions/other/showmessage.php
 *
 * @link http://dev.1c-bitrix.ru/api_help/main/reference/cmain/authform.php
 * @author Bitrix
 */
public function AuthForm($mess, $show_prolog = true, $show_epilog = true, $not_show_links = "N", $do_die = true)
{
    // Names that must not be re-declared as global: this method's parameters and its two loop locals.
    $excl = array("excl" => 1, "key" => 1, "GLOBALS" => 1, "mess" => 1, "show_prolog" => 1, "show_epilog" => 1, "not_show_links" => 1, "do_die" => 1);
    // Bind every other global variable into this function's scope. Files included further down
    // execute in this scope, so they presumably rely on seeing these names as plain variables.
    // NOTE(review): any global whose name matches a local assigned below ($isAdmin, $arAuthResult,
    // $comp_name, $inc_file) is overwritten by this method - confirm no caller depends on them.
    foreach ($GLOBALS as $key => $value) {
        if (!array_key_exists($key, $excl)) {
            global ${$key};
        }
    }
    // Admin section when the current directory starts with BX_ROOT/admin/, or when ADMIN_SECTION is
    // defined and strictly true (&& binds tighter than ||, so the last two tests form one operand).
    if (substr($this->GetCurDir(), 0, strlen(BX_ROOT . "/admin/")) == BX_ROOT . "/admin/" || defined("ADMIN_SECTION") && ADMIN_SECTION === true) {
        $isAdmin = "_admin";
    } else {
        $isAdmin = "";
    }
    // A stored authentication result takes precedence over the caller's message.
    if (isset($this->arAuthResult) && $this->arAuthResult !== true && (is_array($this->arAuthResult) || strlen($this->arAuthResult) > 0)) {
        $arAuthResult = $this->arAuthResult;
    } else {
        $arAuthResult = $mess;
    }
    /** @global CMain $APPLICATION */
    // The mode flags are read from global scope; where they are populated is not visible here.
    // NOTE(review): presumably they mirror request parameters - confirm, since they select the form.
    global $APPLICATION, $forgot_password, $change_password, $register, $confirm_registration;
    // Default page title; the branches below override it.
    $APPLICATION->SetTitle(GetMessage("AUTH_TITLE"));
    $inc_file = "";
    if ($forgot_password == "yes") {
        // Password-reset request form.
        $APPLICATION->SetTitle(GetMessage("AUTH_TITLE_SEND_PASSWORD"));
        $comp_name = "system.auth.forgotpasswd";
        $inc_file = "forgot_password";
    } elseif ($change_password == "yes") {
        // Password change form.
        $APPLICATION->SetTitle(GetMessage("AUTH_TITLE_CHANGE_PASSWORD"));
        $comp_name = "system.auth.changepasswd";
        $inc_file = "change_password";
    } elseif ($register == "yes" && $isAdmin == "" && COption::GetOptionString("main", "new_user_registration", "N") == "Y") {
        // Registration form: public section only, and only when self-registration is enabled.
        $APPLICATION->SetTitle(GetMessage("AUTH_TITLE_REGISTER"));
        $comp_name = "system.auth.registration";
    } elseif ($confirm_registration === "yes" && $isAdmin === "" && COption::GetOptionString("main", "new_user_registration_email_confirmation", "N") === "Y") {
        // Registration confirmation form: public section only, and only when e-mail confirmation is enabled.
        $APPLICATION->SetTitle(GetMessage("AUTH_TITLE_CONFIRM"));
        $comp_name = "system.auth.confirmation";
    } elseif (CModule::IncludeModule("security") && \Bitrix\Security\Mfa\Otp::isOtpRequired() && $_REQUEST["login_form"] != "yes") {
        // OTP form. It is reached only after the password and registration flags above were not
        // set, and a request carrying login_form=yes falls through to the login form instead.
        $APPLICATION->SetTitle(GetMessage("AUTH_TITLE_OTP"));
        $comp_name = "system.auth.otp";
        $inc_file = "otp";
    } else {
        header('X-Bitrix-Ajax-Status: Authorize');
        // Regular login form.
        $comp_name = "system.auth.authorize";
        $inc_file = "authorize";
    }
    if ($show_prolog) {
        CMain::PrologActions();
        // define("BX_AUTH_FORM", true);
        // $isAdmin is "" or "_admin", so this resolves to prolog_after.php or prolog_admin_after.php.
        include $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/prolog" . $isAdmin . "_after.php";
    }
    if ($isAdmin == "") {
        // Public section: render the chosen component (Components 2.0).
        $this->IncludeComponent("bitrix:" . $comp_name, COption::GetOptionString("main", "auth_components_template", ""), array("AUTH_RESULT" => $arAuthResult, "NOT_SHOW_LINKS" => $not_show_links));
    } else {
        // Admin section: the wrapper runs in this scope; it presumably reads $inc_file and
        // $arAuthResult, so these locals must keep their names - verify against wrapper.php.
        include $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/interface/auth/wrapper.php";
    }
    if ($show_epilog) {
        // Resolves to epilog.php or epilog_admin.php.
        include $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/epilog" . $isAdmin . ".php";
    }
    if ($do_die) {
        // Stop here so the rest of the calling page is not executed after the form.
        die;
    }
}