meteo/Sentri
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f84eb6d149e3620deb5543c611cf27a39e716614
Sentri/pub/api/v1/users/mfa/index.php
Meteo 768cf78b57 v1.0 Initial commit of project
2026-01-01 10:54:18 +01:00

68 lines
2.1 KiB
PHP
Raw Blame History

<?php
session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_mfa.php';
require $_SERVER['DOCUMENT_ROOT'] . '/../vendor/autoload.php';
include_once $_SERVER['DOCUMENT_ROOT'] . '/login/php/authFunctions.php';
use api\classes\API_mfa;
use RobThree\Auth\TwoFactorAuth;
use RobThree\Auth\Providers\Qr\EndroidQrCodeWithLogoProvider;
$API_mfa = new API_mfa();
if ($API_mfa->request_method === 'GET') {
} elseif ($API_mfa->request_method === 'POST') {
# Setup a new MFA secret its posted from mfaSetup.php where it generated a secret
if (checkLoginAttempts() > 10) {
echo 'too many attempts, please try again later.';
exit;
}
# check if the secret is in the session created at the mfaSetup.php file
if (!isset($_SESSION['mfasetup']['secret'])) {
$this->apiOutput(400, ['error' => 'secret not found.']);
}
$tfa = new TwoFactorAuth(new EndroidQrCodeWithLogoProvider());
$API_mfa->postedData['user_uuid'] = $_SESSION['user']['user_uuid'];
$API_mfa->postedData['user_two_factor_secret'] = $_SESSION['mfasetup']['secret'];
$API_mfa->postedData['verificationCode'] = linkVerificationPosts(); # The code is entered in six loose posts this wil link it togheter
$requiredFields = [
'user_uuid' => ['type' => 'uuid'],
'user_two_factor_secret' => ['type' => 'string'],
'verificationCode' => ['type' => 'string', 'min' => 6, 'max' => 6],
];
$API_mfa->validateData($requiredFields);
$result = $tfa->verifyCode($API_mfa->postedData['user_two_factor_secret'], $API_mfa->postedData['verificationCode']);
if (!$result) {
addLoginAttempts();
$API_mfa->apiOutput(401, ['error' => 'Invalid verification code.']);
}
$API_mfa->enableMFA();
} elseif ($API_mfa->request_method === 'PUT') {
} elseif ($API_mfa->request_method === 'DELETE') {
# Delete a mfa code for a user
$API_mfa->return_url = false;
$requiredFields = [
'user_uuid' => ['type' => 'uuid'],
];
$API_mfa->validateData($requiredFields);
$API_mfa->disableMFA();
}
Reference in New Issue View Git Blame Copy Permalink