[Web] Allow multiple TOTP

master
andryyy 2021-10-23 17:14:43 +02:00
parent 8e911c1283
commit 8769a91388
No known key found for this signature in database
GPG Key ID: 8EC34FF2794E25EF
1 changed files with 13 additions and 11 deletions

View File

@ -1222,8 +1222,8 @@ function set_tfa($_data) {
case "totp": case "totp":
$key_id = (!isset($_data["key_id"])) ? 'unidentified' : $_data["key_id"]; $key_id = (!isset($_data["key_id"])) ? 'unidentified' : $_data["key_id"];
if ($tfa->verifyCode($_POST['totp_secret'], $_POST['totp_confirm_token']) === true) { if ($tfa->verifyCode($_POST['totp_secret'], $_POST['totp_confirm_token']) === true) {
$stmt = $pdo->prepare("DELETE FROM `tfa` WHERE `username` = :username"); //$stmt = $pdo->prepare("DELETE FROM `tfa` WHERE `username` = :username");
$stmt->execute(array(':username' => $username)); //$stmt->execute(array(':username' => $username));
$stmt = $pdo->prepare("INSERT INTO `tfa` (`username`, `key_id`, `authmech`, `secret`, `active`) VALUES (?, ?, 'totp', ?, '1')"); $stmt = $pdo->prepare("INSERT INTO `tfa` (`username`, `key_id`, `authmech`, `secret`, `active`) VALUES (?, ?, 'totp', ?, '1')");
$stmt->execute(array($username, $key_id, $_POST['totp_secret'])); $stmt->execute(array($username, $key_id, $_POST['totp_secret']));
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
@ -1610,15 +1610,17 @@ function verify_tfa_login($username, $token) {
AND `authmech` = 'totp' AND `authmech` = 'totp'
AND `active`='1'"); AND `active`='1'");
$stmt->execute(array(':username' => $username)); $stmt->execute(array(':username' => $username));
$row = $stmt->fetch(PDO::FETCH_ASSOC); $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
if ($tfa->verifyCode($row['secret'], $_POST['token']) === true) { foreach ($rows as $row) {
$_SESSION['tfa_id'] = $row['id']; if ($tfa->verifyCode($row['secret'], $_POST['token']) === true) {
$_SESSION['return'][] = array( $_SESSION['tfa_id'] = $row['id'];
'type' => 'success', $_SESSION['return'][] = array(
'log' => array(__FUNCTION__, $username, '*'), 'type' => 'success',
'msg' => 'verified_totp_login' 'log' => array(__FUNCTION__, $username, '*'),
); 'msg' => 'verified_totp_login'
return true; );
return true;
}
} }
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
'type' => 'danger', 'type' => 'danger',