RobThree\Auth\TwoFactorAuth::verifyCode PHP Method

verifyCode() public method

Check if the code is correct. This will accept codes starting from ($discrepancy * $period) seconds ago to ($discrepancy * $period) seconds from now.
public verifyCode ( $secret, $code, $discrepancy = 1, $time = null )
    /**
     * Verify a submitted one-time code against the given secret.
     *
     * The code is accepted when it equals the code generated for any time slice
     * from $discrepancy periods before to $discrepancy periods after the reference
     * time, i.e. 2 * $discrepancy + 1 slices in total. Every slice in that window is
     * always evaluated, with no early exit on a match, so the run time does not
     * depend on which slice (if any) matched.
     *
     * This method only compares codes: nothing here records accepted codes or counts
     * failed attempts, so rejecting reused codes and limiting attempts are left to
     * the caller.
     *
     * @param mixed $secret      Shared secret handed to getCode().
     * @param mixed $code        Code to check, typically user-supplied.
     * @param int   $discrepancy Periods tolerated on each side of the reference time;
     *                           a larger value widens the set of codes accepted per attempt.
     * @param mixed $time        Reference time handed to getTime(); presumably null means
     *                           "now" -- confirm against getTime().
     * @return bool True when the code matched at least one slice in the window.
     */
    public function verifyCode($secret, $code, $discrepancy = 1, $time = null)
    {
        $timestamp = $this->getTime($time);
        $matched = false;
        // Timing-attack precaution: walk the whole window even after a match has been found.
        $offset = -$discrepancy;
        while ($offset <= $discrepancy) {
            $candidate = $this->getCode($secret, $timestamp + $offset * $this->period);
            // Bitwise OR (not ||) so the comparison is performed on every pass.
            $matched = $matched | $this->codeEquals($candidate, $code);
            $offset++;
        }
        return (bool) $matched;
    }

Usage Example

Example #1
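 /**
  * Enable two-factor authentication for the logged-in user.
  *
  * Only POST requests are processed. The submitted code must verify against the
  * user's stored secret and must differ from the stored `current_code`, so a code
  * that was already accepted cannot be replayed to switch 2FA on.
  *
  * @return \Cake\Network\Response|void Redirect to `configure` on any failure; nothing after success.
  */
 public function enable()
 {
     if (!$this->request->is('post')) {
         return $this->redirect(['action' => 'configure']);
     }
     $this->loadModel('UsersTwoFactorAuth');
     $userTfa = $this->UsersTwoFactorAuth->find()->where(['UsersTwoFactorAuth.user_id' => $this->Auth->user('id')])->first();
     // The code is read straight from the request body. A client can post an array
     // (code[]=...) instead of a string, so only scalar values are passed on to the
     // verifier and to the entity below.
     $code = isset($this->request->data['code']) ? $this->request->data['code'] : null;
     if (is_null($userTfa) || empty($userTfa->secret) || !is_scalar($code)) {
         $this->Flash->error(__('Two-factor secret verification failed. Please verify your secret and try again.'));
         return $this->redirect(['action' => 'configure']);
     }
     $code = (string) $code;
     $tfa = new TwoFactorAuth('Xeta');
     // Replay guard: a valid code is still refused when it equals the last accepted one.
     // The loose != treats numerically equal strings as the same code, so it can only
     // refuse more than a strict comparison would.
     if ($tfa->verifyCode($userTfa->secret, $code) === true && $code != $userTfa->current_code) {
         $this->loadModel('Users');
         $user = $this->Users->find()->where(['Users.id' => $this->Auth->user('id')])->select(['id', 'username', 'two_factor_auth_enabled'])->first();
         $user->two_factor_auth_enabled = true;
         // NOTE(review): neither save() result below is checked, so a failed write still
         // ends in the success message; the flag is also stored before the 2FA record.
         $this->Users->save($user);
         // The session fingerprint combines client IP, User-Agent and the reverse-DNS name.
         // gethostbyaddr() is a blocking lookup, and its answer is chosen by whoever
         // controls the PTR record of the client address.
         $data = ['session' => $this->request->clientIp() . $this->request->header('User-Agent') . gethostbyaddr($this->request->clientIp()), 'current_code' => $code, 'recovery_code' => $this->_generateNewRecoveryCode($userTfa->username)];
         $this->UsersTwoFactorAuth->patchEntity($userTfa, $data);
         $this->UsersTwoFactorAuth->save($userTfa);
         // Record the change in the audit log.
         $this->eventManager()->attach(new Logs());
         $event = new Event('Log.User', $this, ['user_id' => $user->id, 'username' => $user->username, 'user_ip' => $this->request->clientIp(), 'user_agent' => $this->request->header('User-Agent'), 'action' => '2FA.enabled']);
         $this->eventManager()->dispatch($event);
         $this->Flash->success(__('Two-factor authentication successfully enabled !'));
         $this->set(compact('user', 'userTfa'));
     } else {
         $this->Flash->error(__('Two-factor secret verification failed. Please verify your secret and try again.'));
         return $this->redirect(['action' => 'configure']);
     }
 }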
All Usage Examples Of RobThree\Auth\TwoFactorAuth::verifyCode