diff --git a/plugins/auth/lib/otp/password.php b/plugins/auth/lib/otp/password.php
index 90bbc37..64b8ead 100644
--- a/plugins/auth/lib/otp/password.php
+++ b/plugins/auth/lib/otp/password.php
@@ -22,16 +22,16 @@ final class rex_ycom_otp_password
public function challenge(): void
{
$user = rex_ycom_auth::getUser();
- $uri = str_replace('&', '&', (string) rex_ycom_otp_password_config::forCurrentUser()->provisioningUri);
+ $uri = str_replace('&', '&', (string) rex_ycom_otp_password_config::forCurrentUser()->getProvisioningUri());
$this->getMethod()->challenge($uri, $user);
}
/**
* @param string $otp
*/
- public function verify($otp): bool
+ public function verify(string $otp): bool
{
- $uri = str_replace('&', '&', (string) rex_ycom_otp_password_config::forCurrentUser()->provisioningUri);
+ $uri = str_replace('&', '&', (string) rex_ycom_otp_password_config::forCurrentUser()->getProvisioningUri());
$verified = $this->getMethod()->verify($uri, $otp);
return $verified;
}
@@ -81,7 +81,7 @@ public function setAuthOption(string $option): void
public function getMethod()
{
if (null === $this->method) {
- $methodType = rex_ycom_otp_password_config::forCurrentUser()->method;
+ $methodType = rex_ycom_otp_password_config::forCurrentUser()->getMethod();
if ('totp' === $methodType) {
$this->method = new rex_ycom_otp_method_totp();
diff --git a/plugins/auth/lib/otp/password_config.php b/plugins/auth/lib/otp/password_config.php
index c296d3a..a53e3ca 100644
--- a/plugins/auth/lib/otp/password_config.php
+++ b/plugins/auth/lib/otp/password_config.php
@@ -40,7 +40,10 @@ public static function loadFromDb(rex_ycom_otp_method_interface $method, rex_yco
$json = (string) $userSql->getValue('otp_config');
$config = self::fromJson($json, $user);
- $config->init($method);
+ $config->method = $method instanceof rex_ycom_otp_method_email ? 'email' : 'totp';
+ if (null === $config->getProvisioningUri()) {
+ $config->setProvisioningUri($method->getProvisioningUri($user));
+ }
return $config;
}
@@ -63,56 +66,62 @@ private static function fromJson(?string $json, rex_ycom_user $user): self
}
}
+ $method = new rex_ycom_otp_method_totp();
+
$default = new self($user);
- $default->init(new rex_ycom_otp_method_totp());
+ $default->method = $method instanceof rex_ycom_otp_method_email ? 'email' : 'totp';
+ $default->provisioningUri = $method->getProvisioningUri($user);
+
return $default;
}
- private function init(rex_ycom_otp_method_interface $method): void
+ public function isEnabled(): bool
{
- $this->method = $method instanceof rex_ycom_otp_method_email ? 'email' : 'totp';
- if (null === $this->provisioningUri) {
- $this->provisioningUri = $method->getProvisioningUri($this->user);
- }
-
- $this->save();
+ return $this->enabled ? true : false;
}
- public function enable(): void
+ public function enable(): self
{
$this->enabled = true;
+ return $this;
+ }
- if (null === $this->provisioningUri) {
- throw new Exception('Missing provisioning url');
- }
- if (null === $this->method) {
- throw new Exception('Missing method');
- }
+ public function disable(): self
+ {
+ $this->enabled = false;
+ $this->provisioningUri = null;
+ return $this;
+ }
- $this->save();
+ public function updateMethod(rex_ycom_otp_method_interface $method): self
+ {
+ $this->method = $method instanceof rex_ycom_otp_method_email ? 'email' : 'totp';
+ $this->provisioningUri = $method->getProvisioningUri($this->user);
+ return $this;
}
- public function isEnabled(): bool
+ public function getProvisioningUri()
{
- return $this->enabled ? true : false;
+ return $this->provisioningUri;
}
- public function disable(): void
+ public function setProvisioningUri($provisioningUri): self
{
- $this->enabled = false;
- $this->provisioningUri = null;
- $this->save();
+ $this->provisioningUri = $provisioningUri;
+ return $this;
}
- public function updateMethod(rex_ycom_otp_method_interface $method): void
+ public function getMethod()
{
- $this->method = $method instanceof rex_ycom_otp_method_email ? 'email' : 'totp';
- $this->provisioningUri = $method->getProvisioningUri($this->user);
- $this->save();
+ return $this->method;
}
- private function save(): void
+ public function save(): void
{
+ echo '';
+ debug_print_backtrace();
+ echo '
';
+
$userSql = rex_sql::factory();
$userSql->setTable(rex::getTablePrefix() . 'ycom_user');
$userSql->setWhere(['id' => $this->user->getId()]);
diff --git a/plugins/auth/lib/yform/value/ycom_auth_otp.php b/plugins/auth/lib/yform/value/ycom_auth_otp.php
index 3136f38..610426c 100644
--- a/plugins/auth/lib/yform/value/ycom_auth_otp.php
+++ b/plugins/auth/lib/yform/value/ycom_auth_otp.php
@@ -66,7 +66,7 @@ public function enterObject(): void
public function getDescription(): string
{
- return 'ycom_auth_otp -> Beispiel: ycom_auth_otp|setup oder ycom_auth_otp|verify';
+ return 'ycom_auth_otp -> Beispiel: ycom_auth_otp';
}
/**
diff --git a/plugins/auth/ytemplates/bootstrap/value.ycom_auth_otp_setup.tpl.php b/plugins/auth/ytemplates/bootstrap/value.ycom_auth_otp_setup.tpl.php
index 069ce46..8427bb2 100644
--- a/plugins/auth/ytemplates/bootstrap/value.ycom_auth_otp_setup.tpl.php
+++ b/plugins/auth/ytemplates/bootstrap/value.ycom_auth_otp_setup.tpl.php
@@ -41,8 +41,9 @@
if ('disable' == $func) {
$OTPInstance = rex_ycom_otp_password::getInstance();
$OTPMethod = $OTPInstance->getMethod();
- $config = rex_ycom_otp_password_config::loadFromDb($OTPMethod, $user);
- $config->disable();
+ rex_ycom_otp_password_config::loadFromDb($OTPMethod, $user)
+ ->disable()
+ ->save();
$func = '';
$this->params['warning'][$this->getId()] = $this->params['error_class'];
@@ -67,13 +68,6 @@
case 'email':
$defaultOption = 'email';
$otpMethod = new rex_ycom_otp_method_email();
-
- if (null === $myOTP || 'resend' == rex_request('otp-func-email', 'string')) {
- $this->params['warning'][$this->getId()] = $this->params['error_class'];
- $this->params['warning_messages'][$this->getId()] = '{ ycom_otp_email_check }';
- rex_ycom_otp_password::getInstance()->challenge();
- }
-
break;
case 'totp':
default:
@@ -82,18 +76,32 @@
break;
}
- // initial starten wenn beim user nicht vorhanden oder noch nicht enabled.
if (null === $myOTP) {
- $passwordConfig = rex_ycom_otp_password_config::loadFromDb($otpMethod, $user);
- $passwordConfig->updateMethod($otpMethod);
+ rex_ycom_otp_password_config::loadFromDb($otpMethod, $user)
+ ->updateMethod($otpMethod)
+ ->save();
+ $user->loadData(); // Refresh OTP with new DB Data
$this->params['warning'][$this->getId()] = $this->params['error_class'];
- } else {
- if ($otp->verify($myOTP)) {
- $config = rex_ycom_otp_password_config::loadFromDb($otpMethod, $user);
- $config->enable();
+ }
- $user->resetOTPTries()->save();
- rex_ycom_user_session::getInstance()->setOTPverified($user);
+ if ('email' === $func && (null === $myOTP || 'resend' == rex_request('otp-func-email', 'string'))) {
+ $this->params['warning'][$this->getId()] = $this->params['error_class'];
+ $this->params['warning_messages'][$this->getId()] = '{ ycom_otp_email_check }';
+ rex_ycom_otp_password::getInstance()->challenge();
+ }
+
+ // initial starten wenn beim user nicht vorhanden oder noch nicht enabled.
+ if (is_string($myOTP) && '' !== $myOTP) {
+ if ($otp->verify($myOTP)) {
+ rex_ycom_otp_password_config::loadFromDb($otpMethod, $user)
+ ->enable()
+ ->save();
+ $user->loadData();
+ $user
+ ->resetOTPTries()
+ ->save();
+ rex_ycom_user_session::getInstance()
+ ->setOTPverified($user);
$article_jump_ok = (int) rex_plugin::get('ycom', 'auth')->getConfig('article_id_jump_ok');
rex_response::sendRedirect(rex_getUrl($article_jump_ok, rex_clang::getCurrentId()));
} else {
@@ -103,8 +111,7 @@
}
if ('totp' == $func) {
- $config = rex_ycom_otp_password_config::loadFromDb($otpMethod, $user);
- $uri = $config->provisioningUri;
+ $uri = rex_ycom_otp_password_config::loadFromDb($otpMethod, $user)->getProvisioningUri();
?>