Luca/thetool
1
0
Fork 0
Code Issues 5 Pull Requests 5 Actions Packages Projects Releases Wiki Activity

2FA/Remember Me Implementierung

Browse Source 
Userprofile Implementierung

Datatables Padding Anpassungen

Usercontroller und User um Mobile erweitert
This commit is contained in:
Spitzer_Daniel
2023-08-17 09:42:18 +02:00
parent 1887ad222d
commit f95d0b0074
21 changed files with 1643 additions and 554 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
application/UserProfile/UserProfile.php Normal file
View File

@@ -0,0 +1,40 @@
<?php
class UserProfile extends mfBaseModel
{
private $editor;
private $creator;
public function getProperty($name)
{
if ($this->$name == null) {
if (!$this->id) {
return null;
}
if ($name == "creator") {
$this->creator = new User($this->create_by);
return $this->creator;
}
if ($name == "editor") {
$this->editor = new User($this->edit_by);
return $this->editor;
}
$classname = ucfirst($name);
$idfield = $name . "_id";
$this->$name = new $classname($this->$idfield);
if ($this->$name->id) {
return $this->$name;
} else {
return null;
}
}
return $this->$name;
}
}

279
application/UserProfile/UserProfileController.php Normal file
View File

@@ -0,0 +1,279 @@
<?php
class UserProfileController extends mfBaseController
{
protected $falseVerification = false;
protected function init()
{
$this->needlogin = true;
$me = new User();
$me->loadMe();
$this->me = $me;
$this->layout()->set("me", $me);
}
protected function indexAction()
{
$this->layout()->setTemplate("UserProfile/Index");
$this->layout()->set("userprofile", $this->me);
// $email = new Emailnotification();
// $email->setSubject('testemail');
// $email->setBody('Testemail');
// $email->setTo('daniel.spitzer@inode.at');
// $email->send();
}
protected function addAction()
{
}
protected function apiAction()
{
$do = $this->request->do;
$codetype = $this->request->twofactor;
switch ($do) {
case "sendcode":
$return = $this->sendCode($codetype);
break;
case "checkverfication":
$return = $this->checkverfication();
break;
default:
$return = false;
}
}
private function checkverfication()
{
$id = $this->me->id;
$User = new User($id);
if ($User) {
$response['data']['verficationtype'] = $User->twofactor;
$response['success'] = "true";
} else {
$response['success'] = "false";
}
echo json_encode($response);
exit;
}
private function sendCode($codetype)
{
$r = $this->request;
$code = rand(0, 99999);
$code = str_pad($code, 5, 0, STR_PAD_LEFT);
$id = $this->me->id;
$emailaddress = $this->me->email;
$mobile = str_replace('+', '', $this->me->mobile);
$verification = $r->twofactor;
$User = new User($id);
$data = [];
$data['twofactorcode'] = $code;
$data['twofactortimestamp'] = time();
$User->update($data);
$User->save();
if ($verification == 1) {
$email = new Emailnotification();
$email->setSubject('Authentifizierungscode');
$email->setFrom('noreply@xinon.at', 'noreply@xinon.at');
$email->setBody($code);
$email->setTo($emailaddress);
$response = $email->send();
} else if ($verification == 2) {
if (!$this->me->mobile) {
$this->layout()->setFlash("Keine Mobilnummer hinterlegt", "error");
$this->redirect("UserProfile");
}
$sms = new SmsNotification();
$sms->setBody('Xinon 2FA Code: ' . $code);
$sms->setRecipient($mobile);
$response = $sms->send();
}
$response['success'] = "true";
echo json_encode($response);
exit;
}
protected function editAction()
{
$this->layout()->setTemplate("UserProfile/Form");
$this->layout()->set("userprofile", $this->me);
}
protected function saveAction()
{
$r = $this->request;
$id = $this->me->id;
$User = new User($id);
if ($User->twofactor != 0) {
$requestcode2fa = $r->code;
$userCode2fa = $User->twofactorcode;
if (!trim($requestcode2fa)) {
$this->layout()->setFlash("Verifizierungscode ", "error");
$this->redirect("UserProfile/edit");
} else if ($requestcode2fa != $userCode2fa) {
$this->layout()->setFlash("Verifizierungscode ungültig", "error");
$this->redirect("UserProfile/edit");
}
}
$data = [];
$data['name'] = trim($r->name);
if ($User->twofactor != 1) {
$data['email'] = trim($r->email);
if (!$data['email']) {
$this->layout()->setFlash("Email darf nicht leer sein", "error");
$this->redirect("UserProfile/edit");
}
}
if ($User->twofactor != 2) {
$data['mobile'] = trim($r->mobile);
}
if (!$data['name']) {
$this->layout()->setFlash("Name darf nicht leer sein", "error");
$this->redirect("UserProfile/edit");
}
if ($data['mobile'] && substr($data['mobile'], 0, 1) != "+") {
$this->layout()->setFlash("Telefonnummer im Format +436641122334455 eingeben", "error");
$this->redirect("UserProfile/edit");
}
$User->update($data);
$User->save();
$this->layout()->setFlash("Benutzerprofil erfolgreich geändert", "success");
$this->redirect("UserProfile");
}
protected function changepwdAction()
{
$r = $this->request;
$id = $this->me->id;
$pwd = $this->me->password;
$oldpwd = trim($r->oldpwd);
$newpwd = trim($r->newpwd);
$checkpwd = trim($r->checkpwd);
$User = new User($id);
$data = [];
$salt = substr($pwd, 0, 16);
$passhash = mfLoginController::generatePasswordHash($oldpwd, $salt);
if (!$oldpwd) {
$this->layout()->setFlash("altes Passwort darf nicht leer sein", "error");
$this->redirect("UserProfile");
}
if (!$newpwd) {
$this->layout()->setFlash("neues Passwort darf nicht leer sein", "error");
$this->redirect("UserProfile");
}
if ($pwd != $passhash) {
$this->layout()->setFlash("altes Passwort falsch", "error");
$this->redirect("UserProfile");
}
if (strlen($newpwd < 8)) {
$this->layout()->setFlash("neues Passwort muss min. 8 Zeichen haben", "error");
$this->redirect("UserProfile");
}
if ($newpwd != $checkpwd) {
$this->layout()->setFlash("Passwörter stimmen nicht überein", "error");
$this->redirect("UserProfile");
}
$newpasshash = mfLoginController::generatePasswordHash($newpwd);
$data['password'] = $newpasshash;
$User->update($data);
$User->save();
$this->layout()->setFlash("Passwort erfolgreich geändert", "success");
$this->redirect("UserProfile");
}
protected function code2faaction()
{
$r = $this->request;
$code = rand(0, 99999);
$code = str_pad($code, 5, 0, STR_PAD_LEFT);
$id = $this->me->id;
$emailaddress = $this->me->email;
$mobile = str_replace('+', '', $this->me->mobile);
$verification = $r->twofactor;
$User = new User($id);
$data = [];
$data['twofactorcode'] = $code;
$data['twofactortimestamp'] = time();
$User->update($data);
$User->save();
if ($verification == 1) {
$email = new Emailnotification();
$email->setSubject('Authentifizierungscode');
$email->setFrom('noreply@xinon.at', 'noreply@xinon.at');
$email->setBody($code);
$email->setTo($emailaddress);
$email->send();
} else if ($verification == 2) {
if (!$this->me->mobile) {
$this->layout()->setFlash("Keine Mobilnummer hinterlegt", "error");
$this->redirect("UserProfile");
}
$sms = new SmsNotification();
$sms->setBody('Xinon 2FA Code: ' . $code);
$sms->setRecipient($mobile);
$sms->send();
}
$this->layout()->setTemplate("UserProfile/Index");
$this->layout()->set("verification", $verification);
$this->layout()->set("userprofile", $this->me);
}
protected function activate2faaction()
{
$r = $this->request;
$reqCode = $r->code;
$twofactorcode = $this->me->twofactorcode;
$twofactortimestamp = $this->me->twofactortimestamp;
$timeSecond = time() - $twofactortimestamp;
if ($timeSecond <= 300 && $reqCode == $twofactorcode) {
$id = $this->me->id;
$User = new User($id);
$data['twofactor'] = $r->twofactor;
$User->update($data);
$User->save();
$this->layout()->setFlash("Zwei-Faktor-Authentifizierung aktiv", "success");
$this->redirect("UserProfile");
} else {
$verification = $r->twofactor;
$this->layout()->setFlash("Verifizierungscode falsch oder abgelaufen", "error");
$this->layout()->setTemplate("UserProfile/Index");
$this->layout()->set("verification", $verification);
$this->layout()->set("userprofile", $this->me);
}
}
protected function change2faaction()
{
if ($this->request->twofactor == 2) {
if (!$this->me->mobile) {
$this->layout()->setFlash("Keine Mobilnummer hinterlegt", "error");
$this->redirect("UserProfile");
}
}
$this->code2faaction();
}
}