This commit is contained in:
chorblack
45
GAuthenticator/Action.php
Normal file
45
GAuthenticator/Action.php
Normal file
@@ -0,0 +1,45 @@
|
||||
<?php
|
||||
/**
|
||||
* GAuthenticator Plugin
|
||||
*
|
||||
* @copyright Copyright (c) 2018 WeiCN (https://cuojue.org)
|
||||
* @license GNU General Public License 2.0
|
||||
*
|
||||
*/
|
||||
class GAuthenticator_Action extends Typecho_Widget implements Widget_Interface_Do
|
||||
{
|
||||
|
||||
public function __construct($request, $response, $params = NULL)
|
||||
{
|
||||
parent::__construct($request, $response, $params);
|
||||
}
|
||||
/**
|
||||
* 验证GAuthenticator POST
|
||||
*
|
||||
*/
|
||||
public function auth(){
|
||||
if(intval($this->request->get('otp'))>0){
|
||||
//获取到CODE
|
||||
if (isset($_SESSION['GAuthenticator'])&&$_SESSION['GAuthenticator']) return;//如果SESSION匹配则直接返回
|
||||
$config = Helper::options()->plugin('GAuthenticator');
|
||||
require_once 'GoogleAuthenticator.php';
|
||||
$referer = $this->request->getReferer();
|
||||
$Authenticator = new PHPGangsta_GoogleAuthenticator();//初始化生成类
|
||||
$oneCode = intval($this->request->get('otp'));//手机端生成的一次性代码
|
||||
if($Authenticator->verifyCode($config->SecretKey, $oneCode, $config->SecretTime)){//验证一次性代码
|
||||
$expire = 1 == $this->request->get('remember') ? Helper::options()->time + Helper::options()->timezone + 30*24*3600 : 0;
|
||||
$_SESSION['GAuthenticator'] = true;//session保存
|
||||
Typecho_Cookie::set('__typecho_GAuthenticator',md5($config->SecretKey.Typecho_Cookie::getPrefix().Typecho_Widget::widget('Widget_User')->uid),$expire);//cookie保存
|
||||
}else{
|
||||
Typecho_Widget::widget('Widget_Notice')->set(_t('两步验证失败'), 'error');
|
||||
}
|
||||
Typecho_Response::redirect($referer);
|
||||
}
|
||||
}
|
||||
|
||||
public function action(){
|
||||
$this->widget('Widget_User')->pass('administrator');
|
||||
$this->on($this->request->is('otp'))->auth();
|
||||
}
|
||||
}
|
||||
?>
|
||||
Reference in New Issue
Block a user