v1.2 initial commit

This commit is contained in:
2026-05-10 21:40:25 +02:00
commit 1a5dfda288
995 changed files with 242075 additions and 0 deletions

45
pub/login/php/mfaAuth.php Normal file
View File

@@ -0,0 +1,45 @@
<?php
session_start();
# includes
require $_SERVER['DOCUMENT_ROOT'] . '/../vendor/autoload.php';
include_once $_SERVER['DOCUMENT_ROOT'] . '/login/php/authFunctions.php';
use RobThree\Auth\Providers\Qr\EndroidQrCodeWithLogoProvider;
use RobThree\Auth\TwoFactorAuth;
if (!isset($_POST['verification-1']) && !isset($_SESSION['mfa']['user_secret']) && !isset($_SESSION['mfa']['user_uuid'])) {
unset($_SESSION['mfa']);
addLoginAttempts();
header('Location: /');
exit;
}
if (checkLoginAttempts() > 3) {
header('Location: /login/');
exit;
}
$tfa = new TwoFactorAuth(new EndroidQrCodeWithLogoProvider());
$secret = $_SESSION['mfa']['user_secret'];
$postedCode = linkVerificationPosts();
if ($postedCode) {
$result = $tfa->verifyCode($secret, $postedCode);
if ($result) {
loginUser($_SESSION['mfa']['user_uuid']);
unset($_SESSION['mfa']);
} else {
addLoginAttempts();
setcookie('login_error', 'Invalid verification code', time() + 3600, '/');
}
} else {
unset($_SESSION['mfa']);
}
header('Location: /');
exit;