Newer
Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
<?php
use QUI;
use PragmaRX\Google2FA\Google2FA;
use QUI\Utils\Security\Orthos;
use QUI\Security;
use QUI\Auth\Google2Fa\Auth;
/**
* Re-generate a set of recovery keys for a user authentication key
*
* @param string $title - key title
* @return bool - success
*/
QUI::$Ajax->registerFunction(
'package_quiqqer_authgoogle2fa_ajax_regenerateRecoveryKeys',
function ($userId, $title) {
$AuthUser = QUI::getUsers()->get((int)$userId);
$title = Orthos::clear($title);
$EditUser = QUI::getUserBySession();
// @todo Check user edit permission of session user
try {
$secrets = json_decode($AuthUser->getAttribute('quiqqer.auth.google2fa.secrets'), true);
if (empty($secrets)) {
$secrets = array();
}
if (!isset($secrets[$title])) {
throw new QUI\Auth\Google2Fa\Exception(array(
'quiqqer/authgoogle2fa',
'exception.ajax.getKey.title.not.found',
array(
'title' => $title,
'user' => $AuthUser->getUsername(),
'userId' => $AuthUser->getId()
)
));
}
$secrets[$title]['recoveryKeys'] = Auth::generateRecoveryKeys();
$AuthUser->setAttribute(
'quiqqer.auth.google2fa.secrets',
json_encode($secrets)
);
$AuthUser->save();
} catch (QUI\Auth\Google2Fa\Exception $Exception) {
QUI::getMessagesHandler()->addError(
QUI::getLocale()->get(
'quiqqer/authgoogle2fa',
'message.ajax.regenerateRecoveryKeys.error',
array(
'error' => $Exception->getMessage()
)
)
);
return false;
} catch (\Exception $Exception) {
QUI::getMessagesHandler()->addError(
QUI::getLocale()->get(
'quiqqer/authgoogle2fa',
'message.ajax.general.error'
)
);
return false;
}
QUI::getMessagesHandler()->addSuccess(
QUI::getLocale()->get(
'quiqqer/authgoogle2fa',
'message.ajax.regenerateRecoveryKeys.success',
array(
'title' => $title
)
)
);
return true;
},
array('userId', 'title'),
'Permission::checkAdminUser'
);