// Closing part of a branch whose opening condition lies above this point.
// It answers 401 and, when the security module reports that a one-time
// password is required, tells the client to ask for one.
if (CModule::IncludeModule("security") && \Bitrix\Security\Mfa\Otp::isOtpRequired()) {
    // user must enter OTP: the flag is the only extra detail given to the client
    $answer["needOtp"] = true;
}
CHTTP::SetStatus("401 Unauthorized");
} else {
    // The success answer carries session_id() and bitrix_sessid() in the response
    // body, so the body is as sensitive as the session cookie itself: it should not
    // be cached or written to logs.
    $answer = array("success" => true, "sessionId" => session_id(), "bitrixSessionId" => bitrix_sessid());

    // A new application password is issued only when the client asked for a renewal
    // or sent an OTP, and only when the session has no APPLICATION_ID parameter.
    // NOTE(review): presumably that parameter marks a session opened with an
    // application password, so such a session cannot mint further ones - confirm.
    if (($_POST['renew_password'] == 'y' || $_POST['otp'] != '') && $USER->GetParam("APPLICATION_ID") === null) {
        $code = '';
        // md5 only derives a lookup key (CODE) from two client-supplied strings; it is
        // not used as a credential hash.
        // NOTE(review): both fields are read straight from $_POST with no type check
        // in this block; confirm a non-string value cannot reach strlen() or the
        // concatenation.
        if (strlen($_POST['user_os_mark']) > 0) {
            $code = md5($_POST['user_os_mark'] . $_POST['user_account']);
        }
        if ($code != '') {
            // Replace the password previously registered under the same code. The filter
            // includes USER_ID, so only a row of the current user can match; only the
            // first matching row is deleted.
            $orm = ApplicationPasswordTable::getList(array('select' => array('ID'), 'filter' => array('USER_ID' => $USER->GetID(), 'CODE' => $code)));
            if ($row = $orm->fetch()) {
                ApplicationPasswordTable::delete($row['ID']);
            }
        }
        $password = ApplicationPasswordTable::generatePassword();
        $res = ApplicationPasswordTable::add(array(
            'USER_ID' => $USER->GetID(),
            'APPLICATION_ID' => 'desktop',
            'PASSWORD' => $password,
            'DATE_CREATE' => new Main\Type\DateTime(),
            'CODE' => $code,
            'COMMENT' => GetMessage('DESKTOP_APP_GENERATOR'),
            'SYSCOMMENT' => GetMessage('DESKTOP_APP_TITE')
        ));
        if ($res->isSuccess()) {
            // The generated password is returned to the client in clear text here.
            // NOTE(review): how the table stores PASSWORD is not visible in this block.
            $answer["appPassword"] = $password;
        }
    }
}
// json=y selects a JSON body with an explicit content type; otherwise the answer is
// printed through toJsObject() and no Content-Type header is set in this block.
if (isset($_REQUEST['json']) && $_REQUEST['json'] == 'y') {
    header('Content-Type: application/json');
    echo Main\Web\Json::encode($answer);
} else {
    echo toJsObject($answer);
}
// The branch closed here always ends the request, so it never reaches the
// session-token check below.
die;
}

// Every action below requires check_bitrix_sessid() to pass; on failure the request
// ends with an error message and nothing is changed.
// NOTE(review): presumably this is the anti-CSRF check for the state-changing
// actions that follow - confirm.
if (!check_bitrix_sessid()) {
    $answer["message"] = Loc::getMessage("main_app_passwords_ajax_error_sess");
    echo Json::encode($answer);
    die;
}

$context = Bitrix\Main\Context::getCurrent();
$request = $context->getRequest();

// Only POST requests can delete or add an application password.
if ($request->isPost()) {
    $post = $request->getPostList()->toArray();
    // Re-encode the POST fields from UTF-8 to the charset of the current culture.
    $post = Main\Text\Encoding::convertEncodingArray($post, "UTF-8", $context->getCulture()->getCharset());

    if ($post["action"] == "delete" && ($id = intval($post["ID"])) > 0) {
        //deleting the application password
        // intval() forces a numeric id, and the getRow() filter on =USER_ID confirms
        // that the row belongs to the current user before delete() is called, so an
        // id of another user's password is ignored.
        if (ApplicationPasswordTable::getRow(array("filter" => array("=ID" => $id, "=USER_ID" => $USER->GetID()))) !== null) {
            $result = ApplicationPasswordTable::delete($id);
            if ($result->isSuccess()) {
                $answer["success"] = true;
                $answer["message"] = Loc::getMessage("main_app_passwords_ajax_deleted");
            } else {
                // Errors are joined with an HTML line break, which suggests the client
                // renders the message as HTML.
                // NOTE(review): confirm the error strings cannot carry user-controlled text.
                $answer["message"] = implode("<br>", $result->getErrorMessages());
            }
        }
    } elseif ($post["action"] == "add") {
        //adding a new application password
        $appManager = ApplicationManager::getInstance();
        $applications = $appManager->getApplications();
        // The password is generated before the application id is validated; it is
        // used only if the check below passes.
        $password = ApplicationPasswordTable::generatePassword();
        // APPLICATION_ID is accepted only when it is a key of the registered
        // applications list.
        if (isset($applications[$post['APPLICATION_ID']])) {
            $date = new Main\Type\DateTime();
            // COMMENT and SYSCOMMENT are stored as received from POST.
            // NOTE(review): they need HTML escaping wherever they are displayed; that
            // code is not visible here.
            $result = ApplicationPasswordTable::add(array(
                'USER_ID' => $USER->GetID(),
                'APPLICATION_ID' => $post['APPLICATION_ID'],
                'PASSWORD' => $password,
                'DATE_CREATE' => $date,
                'COMMENT' => $post['COMMENT'],
                'SYSCOMMENT' => $post['SYSCOMMENT']
            ));