index.php
<?php
/*
* That's gonna be a great app.
*/
// Bootstrap
use \RobThree\Auth\TwoFactorAuth;
use Doctrine\ORM\Tools\Setup;
use Doctrine\ORM\EntityManager;
require_once('vendor/autoload.php');
// Database configuration: Doctrine ORM with annotation metadata read from ./model, backed by SQLite.
// NOTE(review): dev mode is hard-coded on; confirm it is switched off for any deployment that is not a local demo.
$isDevMode = true;
$dbConfig = Setup::createAnnotationMetadataConfiguration(
    [__DIR__ . '/model'],
    $isDevMode
);
// NOTE(review): the SQLite file sits in the same directory as this script, and the
// "generate" handler in this file stores each user's TOTP secret through this
// entity manager. If this directory is served as the document root, confirm the
// web server denies direct requests for db.sqlite, or move the file outside it.
$dbConn = [
    'driver' => 'pdo_sqlite',
    'path' => __DIR__ . '/db.sqlite',
];
$entityManager = EntityManager::create($dbConn, $dbConfig);
// Application settings; every entry is also exposed to the templates further down.
$config = [
    'theme' => 'default',
    'defaultPage' => 'index',
    // Twig's template cache is off; set a directory such as 'cache/twig' to enable it.
    'twigCache' => false,
];
// Templates are loaded from the directory of the configured theme.
$loader = new \Twig\Loader\FilesystemLoader(
    'view/theme/' . $config['theme'] . '/template/'
);
$twig = new \Twig\Environment($loader, ['cache' => $config['twigCache']]);
// Template variables start out as a copy of the settings.
$data = $config;
// true: render Twig templates. false: answer with the JSON payload collected in $json.
$render = true;
$json = [];
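// A very basic router. Only the page names listed in the switch are served;
// every other value ends up as the 404 template, so the request parameter is
// never used as a template name unchecked.
$page = $config['defaultPage'];
if (isset($_GET['page'])) {
    // FILTER_SANITIZE_STRING is deprecated as of PHP 8.1. The switch below is an
    // allow-list, so a plain string check is all that is needed here.
    $page = is_string($_GET['page']) ? $_GET['page'] : '';
}
switch ($page) {
    case 'index':
        $data['heading_title'] = 'Upmind - 2f Auth';
        break;

    case 'generate':
        // Enrols an e-mail address and answers with a QR code for the authenticator app.
        $render = false;
        // NOTE(review): the label is free text that gets persisted, so its filter is
        // left unchanged. FILTER_SANITIZE_STRING is deprecated as of PHP 8.1; when it
        // is replaced, make sure the label is escaped wherever it is displayed.
        $label = filter_var(isset($_POST['label']) ? $_POST['label'] : '', FILTER_SANITIZE_STRING);
        if (!is_string($label)) {
            $label = '';
        }
        $name = filter_var(isset($_POST['email']) ? $_POST['email'] : '', FILTER_SANITIZE_EMAIL);
        // Refuse to enrol a missing or non-string address instead of creating a nameless user.
        if (!is_string($name) || $name === '') {
            $json['message'] = 'Please provide an e-mail address.';
            $json['status'] = 0;
            break;
        }
        $tfa = new TwoFactorAuth($label);
        // Check for existing user
        $u = $entityManager->getRepository('User')->findBy(array('name' => $name));
        if (!isset($u[0])) {
            $secret = $tfa->createSecret(160);
            // Create our user
            $new = new User();
            $new->setName($name);
            $new->setSecret($secret);
            $new->setLabel($label);
            $entityManager->persist($new);
            $entityManager->flush();
        } else {
            // NOTE(review): this branch returns the stored secret of an already
            // enrolled address, and rewrites its label, for any request that names
            // the address; nothing here proves the requester owns the account.
            // A real deployment should require an authenticated session (or a
            // valid current code) before re-issuing the QR code.
            $secret = $u[0]->getSecret();
            $u[0]->setLabel($label);
            $entityManager->flush();
        }
        $qrCode = $tfa->getQRCodeImageAsDataUri($name, $secret);
        $json['message'] = '<img src="'.$qrCode.'"/>';
        break;

    case 'verify':
        // Checks a submitted one-time code against the secret stored for the address.
        $render = false;
        // A one-time code consists of digits only; anything else is rejected below
        // without touching the stored secret.
        $code = (isset($_POST['code']) && is_string($_POST['code'])) ? $_POST['code'] : '';
        $name = filter_var(isset($_POST['email']) ? $_POST['email'] : '', FILTER_SANITIZE_EMAIL);
        $u = (is_string($name) && $name !== '')
            ? $entityManager->getRepository('User')->findBy(array('name' => $name))
            : array();
        $verified = false;
        // An unknown address must fail before any code is computed. The original
        // fell back to an empty secret in that case, and a code derived from an
        // empty secret depends on nothing private, so it must never be accepted.
        if (isset($u[0]) && ctype_digit($code)) {
            $secret = $u[0]->getSecret();
            if (is_string($secret) && $secret !== '') {
                $tfa = new TwoFactorAuth();
                $realCode = $tfa->getCode($secret);
                // verifyCode() is called with a discrepancy of 1; the second comparison
                // keeps the original's extra requirement that the code also equals the
                // one getCode() returned. hash_equals() replaces the loose, non
                // constant-time "==" comparison.
                $verified = $tfa->verifyCode($secret, $code, 1) === true
                    && hash_equals((string) $realCode, $code);
            }
        }
        // NOTE(review): nothing visible here limits repeated attempts or refuses a
        // code that was already accepted once; consider throttling per address and
        // recording the last accepted time step.
        if ($verified) {
            // The message is HTML, so the address is escaped before it is embedded.
            $json['message'] = 'Welcome back, <strong>'
                . htmlspecialchars($name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
                . '</strong>!';
            $json['status'] = 1;
        } else {
            // Same answer for an unknown address and a wrong code, so the response
            // does not reveal which addresses are enrolled.
            $json['message'] = 'The code is not correct!';
            $json['status'] = 0;
        }
        break;

    default:
        $page = '404';
}
$page = $page.'.twig';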
// Send the response: either the JSON payload built by the router, or the page
// wrapped in the theme's header and footer templates.
if (!$render) {
    header('Content-type: application/json');
    echo json_encode($json);
} else {
    // Header, page contents and footer are rendered in that order with the same variables.
    foreach (['header.twig', $page, 'footer.twig'] as $template) {
        echo $twig->render($template, $data);
    }
}
exit();