mirror/php-typemill
1
0
Fork 0
mirror of https://github.com/typemill/typemill.git synced 2025-07-31 11:20:15 +02:00
Code Issues Releases Wiki Activity

v2.1.0 Finish authentication code and login

Browse Source
This commit is contained in:
trendschau
2023-12-27 12:33:13 +01:00
parent 9978638266
commit f674d4b6f9
4 changed files with 38 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
data/security/securitylog.txt
View File

@@ -8,3 +8,11 @@
127.0.0.1;2023-12-25 06:20:18;login: authcode wrong or outdated.
127.0.0.1;2023-12-25 06:20:35;login: user not found
127.0.0.1;2023-12-25 09:12:05;login: wrong password
127.0.0.1;2023-12-27 11:17:43;login: authcode wrong or outdated.
127.0.0.1;2023-12-27 11:21:21;login: authcode wrong or outdated.
127.0.0.1;2023-12-27 11:24:01;login: authcode wrong or outdated.
127.0.0.1;2023-12-27 11:25:07;login: authcode wrong or outdated.
127.0.0.1;2023-12-27 11:30:28;login: authcode wrong or outdated.
127.0.0.1;2023-12-27 11:31:36;login: authcode wrong or outdated.
127.0.0.1;2023-12-27 11:31:52;login: authcode wrong or outdated.
127.0.0.1;2023-12-27 11:32:10;login: authcode wrong or outdated.

35
system/typemill/Controllers/ControllerWebAuth.php
View File

@@ -26,7 +26,9 @@ class ControllerWebAuth extends Controller
$validation = new Validation();
$securitylog = $this->settings['securitylog'] ?? false;
$authcodeactive = $this->settings['authcode'] ?? false;
$authtitle = Translations::translate('Auth code missing?');
$authtext = Translations::translate('If you did not receive an email with an authentication code, then the username or password you entered was wrong. Please try again.');
if($validation->signin($input) !== true)
{
if($securitylog)
@@ -72,6 +74,8 @@ class ControllerWebAuth extends Controller
# show authcode page
return $this->c->get('view')->render($response, 'auth/authcode.twig', [
'username' => $userdata['username'],
'authtitle' => $authtitle,
'authtext' => $authtext
]);
}
@@ -100,7 +104,7 @@ class ControllerWebAuth extends Controller
$mail = new SimpleMail($settings);
$subject = Translations::translate('Your authentication code for Typemill');
$message = Translations::translate('Use the following authentication code to login into Typemill cms') . ': ' . $authcodevalue;
$message = Translations::translate('Use the following authentication code to login into Typemill') . ': ' . $authcodevalue;
$send = $mail->send($userdata['email'], $subject, $message);
@@ -108,8 +112,8 @@ class ControllerWebAuth extends Controller
if(!$send)
{
$title = Translations::translate('Error sending email');
$message = Translations::translate('Dear ') . $userdata['username'] . ', ' . Translations::translate('we could not send the email with the authentication code to your address. Reason: ') . $mail->error;
$authtitle = Translations::translate('Error sending email');
$authtext = Translations::translate('We could not send the email with the authentication code to your address. Reason: ') . $mail->error;
}
else
{
@@ -120,7 +124,9 @@ class ControllerWebAuth extends Controller
# show authcode page
return $this->c->get('view')->render($response, 'auth/authcode.twig', [
'username' => $userdata['username'],
'username' => $userdata['username'],
'authtitle' => $authtitle,
'authtext' => $authtext
]);
}
@@ -139,8 +145,6 @@ class ControllerWebAuth extends Controller
$user->login();
# return $response->withHeader('Location', $this->routeParser->urlFor('settings.show'))->withStatus(302);
# if user is allowed to view content-area
$acl = $this->c->get('acl');
if($acl->hasRole($userdata['userrole']) && $acl->isAllowed($userdata['userrole'], 'content', 'view'))
@@ -154,7 +158,7 @@ class ControllerWebAuth extends Controller
}
# login user with valid authcode
# login a user with valid authcode
public function loginWithAuthcode(Request $request, Response $response)
{
$input = $request->getParsedBody();
@@ -204,9 +208,9 @@ class ControllerWebAuth extends Controller
}
# add the device fingerprint if not set yet
$fingerprints = $userdata['fingerprints'] ?? [];
$fingerprint = $this->generateDeviceFingerprint();
if(!$this->findDeviceFingerprint($fingerprint, $fingerprints))
$fingerprints = $userdata['fingerprints'] ?? [];
$fingerprint = $this->generateDeviceFingerprint();
if(!$this->findDeviceFingerprint($fingerprint, $userdata))
{
$fingerprints[] = $fingerprint;
$user->setValue('fingerprints', $fingerprints);
@@ -231,14 +235,7 @@ class ControllerWebAuth extends Controller
}
/**
* log out a user
*
* @param obj $request the slim request object
* @param obj $response the slim response object
* @return obje $response with redirect to route
*/
# log out a user
public function logout(Request $request, Response $response)
{
\Typemill\Static\Session::stopSession();

6
system/typemill/Models/SimpleMail.php
View File

@@ -2,6 +2,8 @@
namespace Typemill\Models;
use Typemill\Static\Translations;
class SimpleMail
{
private $from = false;
@@ -28,11 +30,11 @@ class SimpleMail
}
}
public function sendEmail(string $to, string $subject, string $message)
public function send(string $to, string $subject, string $message)
{
if(!$this->from)
{
$this->error = 'You need to add a email address into the settings.';
$this->error = Translations::translate('Email address in system settings is missing.');
return false;
}

19
system/typemill/author/auth/authcode.twig
View File

@@ -11,7 +11,7 @@
<h1 class="text-4xl py-5">Authentication Code</h1>
<p>Enter the auth code from the e-mail you got:</a>
<p>{{ translate('Enter the authentication code from your email:') }}</a>
<form method="POST" action="{{ url_for("auth.authcode") }}" autocomplete="off">
@@ -24,7 +24,7 @@
pattern="[0-9]"
maxlength="1"
oninput="moveToNextField(this)"
class="mr-2 form-control block w-full px-3 py-3 text-xl text-center font-normal text-gray-700 bg-white bg-clip-padding border border-solid border-gray-300 transition ease-in-out m-0 focus:text-gray-700 focus:bg-white focus:border-blue-600 focus:outline-non"
class="mr-2 form-control block w-full px-3 py-3 text-xl text-center font-bold text-gray-700 bg-white bg-clip-padding border border-solid border-gray-300 transition ease-in-out m-0 focus:text-gray-700 focus:bg-white focus:border-blue-600 focus:outline-non"
required>
<input
type="text"
@@ -32,7 +32,7 @@
pattern="[0-9]"
maxlength="1"
oninput="moveToNextField(this)"
class="mr-2 form-control block w-full px-3 py-3 text-xl text-center font-normal text-gray-700 bg-white bg-clip-padding border border-solid border-gray-300 transition ease-in-out m-0 focus:text-gray-700 focus:bg-white focus:border-blue-600 focus:outline-non"
class="mr-2 form-control block w-full px-3 py-3 text-xl text-center font-bold text-gray-700 bg-white bg-clip-padding border border-solid border-gray-300 transition ease-in-out m-0 focus:text-gray-700 focus:bg-white focus:border-blue-600 focus:outline-non"
required>
<input
type="text"
@@ -40,7 +40,7 @@
pattern="[0-9]"
maxlength="1"
oninput="moveToNextField(this)"
class="mr-2 form-control block w-full px-3 py-3 text-xl text-center font-normal text-gray-700 bg-white bg-clip-padding border border-solid border-gray-300 transition ease-in-out m-0 focus:text-gray-700 focus:bg-white focus:border-blue-600 focus:outline-non"
class="mr-2 form-control block w-full px-3 py-3 text-xl text-center font-bold text-gray-700 bg-white bg-clip-padding border border-solid border-gray-300 transition ease-in-out m-0 focus:text-gray-700 focus:bg-white focus:border-blue-600 focus:outline-non"
required>
<input
type="text"
@@ -48,7 +48,7 @@
pattern="[0-9]"
maxlength="1"
oninput="moveToNextField(this)"
class="mr-2 form-control block w-full px-3 py-3 text-xl text-center font-normal text-gray-700 bg-white bg-clip-padding border border-solid border-gray-300 transition ease-in-out m-0 focus:text-gray-700 focus:bg-white focus:border-blue-600 focus:outline-non"
class="mr-2 form-control block w-full px-3 py-3 text-xl text-center font-bold text-gray-700 bg-white bg-clip-padding border border-solid border-gray-300 transition ease-in-out m-0 focus:text-gray-700 focus:bg-white focus:border-blue-600 focus:outline-non"
required>
<input
type="text"
@@ -56,7 +56,7 @@
pattern="[0-9]"
maxlength="1"
oninput="moveToNextField(this)"
class="mr-2 form-control block w-full px-3 py-3 text-xl text-center font-normal text-gray-700 bg-white bg-clip-padding border border-solid border-gray-300 transition ease-in-out m-0 focus:text-gray-700 focus:bg-white focus:border-blue-600 focus:outline-non"
class="form-control block w-full px-3 py-3 text-xl text-center font-bold text-gray-700 bg-white bg-clip-padding border border-solid border-gray-300 transition ease-in-out m-0 focus:text-gray-700 focus:bg-white focus:border-blue-600 focus:outline-non"
required>
</div>
@@ -88,14 +88,15 @@
}
}
</script>
</form>
</form>
</div>
</div>
<div class="lg:w-1/2 lg:bg-white lg:text-black p-5 bg-teal-600 text-white border-b border-white content-center flex justify-center items-center">
<div class="max-w-md content-center">
<h2 class="text-4xl py-5">{{ translate('Auth code missing?') }}</h2>
<p>{{ translate('If you did not receive an email with an authentication code, then the username or password you entered was wrong. Please try again.') }}</p>
<h2 class="text-4xl py-5">{{ authtitle }}</h2>
<p class="py-2">{{ authtext }}</p>
<a class="text-teal-600 py-2" href="{{ url_for('auth.show') }}">&#x2192; {{ translate('Back to login') }}</a>
</div>
</div>