Bitrix-D7 23.9
 
Загрузка...
Поиск...
Не найдено
authcode.php
1<?php
8namespace Bitrix\Main\Controller;
9
10use Bitrix\Main;
11use Bitrix\Main\Component;
12use Bitrix\Main\Localization\Loc;
13use Bitrix\Security\Mfa;
14
15class AuthCode extends Main\Engine\Controller
16{
17 const SIGNATURE_SALT = 'phone_auth_email';
18
24 public function sendEmailAction($login)
25 {
26 if($login == '')
27 {
28 $this->addError(new Main\Error(Loc::getMessage("main_authcode_incorrect_request"), "ERR_PARAMS"));
29 return null;
30 }
31
32 $result = \CUser::SendPassword($login, "", false, "", 0, "", true);
33
35 $checkResult = $result["RESULT"];
36 if($checkResult)
37 {
38 $intervals = $checkResult->getData();
39 }
40 else
41 {
42 $intervals = [];
43 }
44
45 if($result["TYPE"] == "ERROR")
46 {
47 $errorCode = ($checkResult? "ERR_TIMEOUT" : "ERR_NOT_FOUND");
48 $this->addError(new Main\Error($result["MESSAGE"], $errorCode, $intervals));
49 return null;
50 }
51
52 return [
53 'signedData' => Component\ParameterSigner::signParameters(
54 self::SIGNATURE_SALT,
55 ['userId' => $result["USER_ID"]]
56 ),
57 'intervals' => $intervals,
58 ];
59 }
60
67 public function confirmAction($code, $signedData)
68 {
69 global $USER;
70
71 try
72 {
73 $params = Component\ParameterSigner::unsignParameters(self::SIGNATURE_SALT, $signedData);
74 }
75 catch(Main\SystemException $e)
76 {
77 $this->addError(new Main\Error(Loc::getMessage("main_authcode_incorrect_request"), "ERR_SIGNATURE"));
78 return null;
79 }
80
81 if(!preg_match('/^[0-9]{6}$/', $code))
82 {
83 $this->addError(new Main\Error(Loc::getMessage("main_authcode_incorrect_code"), "ERR_FORMAT_CODE"));
84 return null;
85 }
86
87 $context = new Main\Authentication\Context();
88 $context->setUserId($params["userId"]);
89
90 $shortCode = new Main\Authentication\ShortCode($context);
91
92 $result = $shortCode->verify($code);
93
94 if($result->isSuccess())
95 {
96 $codeUser = $shortCode->getUser();
97 if(!$USER->IsAuthorized() && $codeUser->getActive() && !$codeUser->getBlocked())
98 {
99 if(Main\Loader::includeModule("security"))
100 {
101 if(Mfa\Otp::verifyUser(["USER_ID" => $params["userId"]]) == false)
102 {
103 $this->addError(new Main\Error(Loc::getMessage("main_authcode_otp_required"), 'ERR_OTP_REQUIRED'));
104
105 $this->checkOtpCaptcha();
106
107 return null;
108 }
109 }
110 $USER->Authorize($params["userId"]);
111 }
112 return true;
113 }
114 else
115 {
116 //replace the error message with the more specific one
117 if($result->getErrorCollection()->getErrorByCode("ERR_CONFIRM_CODE") !== null)
118 {
119 $this->addError(new Main\Error(Loc::getMessage("main_authcode_incorrect_code_input"), 'ERR_CONFIRM_CODE'));
120 }
121 if($result->getErrorCollection()->getErrorByCode("ERR_RETRY_COUNT") !== null)
122 {
123 $this->addError(new Main\Error(Loc::getMessage("main_authcode_retry_count"), "ERR_RETRY_COUNT"));
124 }
125 return null;
126 }
127 }
128
136 public function loginByOtpAction($otp, $captchaSid = "", $captchaWord = "")
137 {
138 global $USER;
139
140 $authResult = $USER->LoginByOtp($otp, "N", $captchaWord, $captchaSid);
141
142 if($authResult !== true)
143 {
144 $this->addError(new Main\Error($authResult["MESSAGE"], "ERR_OTP_CODE"));
145
146 if(Main\Loader::includeModule("security"))
147 {
148 $this->checkOtpCaptcha();
149 }
150 return null;
151 }
152
153 return true;
154 }
155
156 protected function checkOtpCaptcha()
157 {
158 global $APPLICATION;
159
160 if(Mfa\Otp::isCaptchaRequired())
161 {
162 $this->addError(
163 new Main\Error(
164 Loc::getMessage("main_authcode_otp_captcha_required"),
165 'ERR_OTP_CAPTCHA_REQUIRED',
166 [
167 "captchaSid" => $APPLICATION->CaptchaGetCode(),
168 ]
169 )
170 );
171 }
172 }
173
174 public function configureActions()
175 {
176 return [
177 'sendEmail' => [
178 '-prefilters' => [
179 Main\Engine\ActionFilter\Authentication::class,
180 ],
181 ],
182 'confirm' => [
183 '-prefilters' => [
184 Main\Engine\ActionFilter\Authentication::class,
185 ],
186 ],
187 'loginByOtp' => [
188 '-prefilters' => [
189 Main\Engine\ActionFilter\Authentication::class,
190 ],
191 ],
192 ];
193 }
194}
Bitrix\Main\Controller\AuthCode\confirmAction
confirmAction($code, $signedData)
Definition authcode.php:67
Bitrix\Main\Controller\AuthCode\loginByOtpAction
loginByOtpAction($otp, $captchaSid="", $captchaWord="")
Definition authcode.php:136
Bitrix\Main\Loader\includeModule
static includeModule($moduleName)
Definition loader.php:69
Bitrix\Main\Localization\Loc\getMessage
static getMessage($code, $replace=null, $language=null)
Definition loc.php:29
Bitrix\Security\Mfa\Otp\isCaptchaRequired
static isCaptchaRequired()
Definition otp.php:1335
Bitrix\Security\Mfa\Otp\verifyUser
static verifyUser(array $params)
Definition otp.php:1143