/**
 * Verifies a submitted backup code against the user's remaining codes.
 *
 * Non-digit characters are stripped from the input before comparison. On a
 * match the code is moved from 'codes' to 'used' in $providerData (passed by
 * reference) and a notification email is sent to the user.
 *
 * @param mixed $context Not read by this method.
 * @param XenForo_Input $input Request input; the 'code' field is read.
 * @param array $user User record; 'email', 'username' and 'language_id' are read.
 * @param array $providerData Provider state holding the 'codes' list; updated in place.
 *
 * @return boolean True when a remaining code matched, false otherwise.
 */
public function verifyFromInput($context, XenForo_Input $input, array $user, array &$providerData)
{
    $submitted = preg_replace(
        '/[^0-9]/',
        '',
        $input->filterSingle('code', XenForo_Input::STRING)
    );
    if (!$submitted)
    {
        // Nothing usable was submitted (also rejects the single digit "0").
        return false;
    }

    $hitIndex = null;
    foreach ($providerData['codes'] as $index => $storedCode)
    {
        // hashEquals() is presumably a timing-safe comparison; confirm in XenForo_Application.
        if (XenForo_Application::hashEquals($storedCode, $submitted))
        {
            $hitIndex = $index;
            break;
        }
    }

    if ($hitIndex === null)
    {
        // NOTE(review): no attempt counting happens here; any rate limiting must come from the caller.
        return false;
    }

    // Single use: record the code as used, then drop it from the accepted set.
    $providerData['used'][] = $providerData['codes'][$hitIndex];
    unset($providerData['codes'][$hitIndex]);

    $regenerated = !$providerData['codes'];
    if ($regenerated)
    {
        // regenerate automatically
        // NOTE(review): the result of generateInitialData() is discarded and
        // $providerData['codes'] stays empty at this point, while the email below
        // reports regenerated = true. Confirm that generateInitialData() stores
        // the new codes itself; otherwise assign its result to $providerData.
        $this->generateInitialData($user, array());
    }

    if (isset($_SERVER['REMOTE_ADDR']))
    {
        $ip = $_SERVER['REMOTE_ADDR'];
    }
    else
    {
        $ip = '';
    }

    // Tell the account owner that a backup code was consumed, and from which address.
    $mailParams = array('user' => $user, 'ip' => $ip, 'regenerated' => $regenerated);
    $mail = XenForo_Mail::create('two_step_login_backup', $mailParams, $user['language_id']);
    $mail->send($user['email'], $user['username']);

    return true;
}
/**
 * Checks a confirmation record against a supplied key and its age limits.
 *
 * The record is rejected when the key does not match, when it is older than
 * 3 days, or when it is of type 'password' and older than 12 hours.
 *
 * @param string $key Key supplied by the requester.
 * @param array $confirmation Confirmation record from DB; 'confirmation_key',
 *                            'confirmation_date' and 'confirmation_type' are read.
 *
 * @return boolean True when the key matches and the record has not expired.
 */
public function validateUserConfirmationRecord($key, array $confirmation)
{
    // hashEquals() is presumably a timing-safe comparison; confirm in XenForo_Application.
    $keyMatches = XenForo_Application::hashEquals($confirmation['confirmation_key'], $key);
    if (!$keyMatches)
    {
        return false;
    }

    $issuedAt = $confirmation['confirmation_date'];

    // General lifetime: 3 days.
    $generalCutoff = XenForo_Application::$time - 3 * 86400;
    if ($issuedAt < $generalCutoff)
    {
        return false;
    }

    // Password confirmations get the shorter 12-hour lifetime.
    $expiredPasswordRecord = (
        $confirmation['confirmation_type'] == 'password'
        && $issuedAt < XenForo_Application::$time - 12 * 3600
    );

    return !$expiredPasswordRecord;
}
/**
 * Verifies a submitted code against the single pending code in the provider data.
 *
 * Fails when no code is pending, when the pending code was generated more than
 * 900 seconds ago, or when the submitted digits do not match. On success the
 * pending code and its timestamp are removed from $providerData (passed by
 * reference).
 *
 * @param mixed $context Not read by this method.
 * @param XenForo_Input $input Request input; the 'code' field is read.
 * @param array $user Not read by this method.
 * @param array $providerData Provider state with 'code' and 'codeGenerated'; updated in place.
 *
 * @return boolean True when the submitted code matched an unexpired pending code.
 */
public function verifyFromInput($context, XenForo_Input $input, array $user, array &$providerData)
{
    $hasPendingCode = !empty($providerData['code']) && !empty($providerData['codeGenerated']);
    if (!$hasPendingCode)
    {
        return false;
    }

    // Pending codes are accepted for 15 minutes after generation.
    $ageInSeconds = time() - $providerData['codeGenerated'];
    if ($ageInSeconds > 900)
    {
        return false;
    }

    // Keep digits only, so separators typed by the user are ignored.
    $submitted = preg_replace(
        '/[^0-9]/',
        '',
        $input->filterSingle('code', XenForo_Input::STRING)
    );

    // hashEquals() is presumably a timing-safe comparison; confirm in XenForo_Application.
    if (!XenForo_Application::hashEquals($providerData['code'], $submitted))
    {
        // NOTE(review): a failed attempt leaves the pending code in place; any
        // attempt limiting must come from the caller.
        return false;
    }

    // Single use: clear the code so it is no longer pending.
    unset($providerData['code'], $providerData['codeGenerated']);

    return true;
}
/**
 * Checks a remember key taken from a cookie against the user's auth record.
 *
 * Despite the name, the code here only performs the comparison and returns its
 * result; it does not set up a session.
 *
 * @param integer $userId
 * @param string $rememberKey Key supplied by the cookie.
 * @param array|false|null $auth User's auth record (retrieved if null)
 *
 * @return boolean True when the cookie key matches the expected key.
 */
public function loginUserByRememberKeyFromCookie($userId, $rememberKey, $auth = null)
{
    if ($auth === null)
    {
        $auth = $this->getUserAuthenticationRecordByUserId($userId);
    }

    if ($auth)
    {
        $expected = $this->prepareRememberKeyForCookie($auth['remember_key']);

        // Both sides must be non-empty; an empty expected key never matches an empty cookie value.
        if ($expected && $rememberKey)
        {
            // hashEquals() is presumably a timing-safe comparison; confirm in XenForo_Application.
            return XenForo_Application::hashEquals($expected, $rememberKey);
        }
    }

    return false;
}
/**
 * Checks a submitted code against the codes for the current time slice and
 * its neighbours.
 *
 * Codes from $discrepancy slices before to $discrepancy slices after the
 * current 30-second slice are accepted, i.e. 2 * $discrepancy + 1 slices in
 * total. A larger $discrepancy tolerates more clock drift, but it also widens
 * the set of codes accepted at any moment.
 *
 * @param string $secret
 * @param string $code Code submitted by the user.
 * @param int $discrepancy Allowed time drift in 30 second units (8 means 4 minutes before or after)
 * @param int|null $currentTimeSlice Time slice to use instead of one derived from time()
 *
 * @return bool True when the code matches any slice in the window.
 */
public function verifyCode($secret, $code, $discrepancy = 1, $currentTimeSlice = null)
{
    if ($currentTimeSlice === null)
    {
        $currentTimeSlice = floor(time() / 30);
    }

    // NOTE(review): nothing here records which slice matched, so rejecting a
    // replayed code within the window has to happen in the caller. Confirm.
    $offset = -$discrepancy;
    while ($offset <= $discrepancy)
    {
        $candidate = $this->getCode($secret, $currentTimeSlice + $offset);

        // hashEquals() is presumably a timing-safe comparison; confirm in XenForo_Application.
        if (XenForo_Application::hashEquals($candidate, $code))
        {
            return true;
        }

        $offset++;
    }

    return false;
}