46 lines
1.6 KiB
PHP
46 lines
1.6 KiB
PHP
<?php
|
|
/**
|
|
* GAuthenticator Plugin
|
|
*
|
|
* @copyright Copyright (c) 2018 WeiCN (https://cuojue.org)
|
|
* @license GNU General Public License 2.0
|
|
*
|
|
*/
|
|
class GAuthenticator_Action extends Typecho_Widget implements Widget_Interface_Do
|
|
{
|
|
|
|
public function __construct($request, $response, $params = NULL)
|
|
{
|
|
parent::__construct($request, $response, $params);
|
|
}
|
|
/**
|
|
* 验证GAuthenticator POST
|
|
*
|
|
*/
|
|
public function auth(){
|
|
if(intval($this->request->get('otp'))>0){
|
|
//获取到CODE
|
|
if (isset($_SESSION['GAuthenticator'])&&$_SESSION['GAuthenticator']) return;//如果SESSION匹配则直接返回
|
|
$config = Helper::options()->plugin('GAuthenticator');
|
|
require_once 'GoogleAuthenticator.php';
|
|
$referer = $this->request->getReferer();
|
|
$Authenticator = new PHPGangsta_GoogleAuthenticator();//初始化生成类
|
|
$oneCode = intval($this->request->get('otp'));//手机端生成的一次性代码
|
|
if($Authenticator->verifyCode($config->SecretKey, $oneCode, $config->SecretTime)){//验证一次性代码
|
|
$expire = 1 == $this->request->get('remember') ? Helper::options()->time + Helper::options()->timezone + 30*24*3600 : 0;
|
|
$_SESSION['GAuthenticator'] = true;//session保存
|
|
Typecho_Cookie::set('__typecho_GAuthenticator',md5($config->SecretKey.Typecho_Cookie::getPrefix().Typecho_Widget::widget('Widget_User')->uid),$expire);//cookie保存
|
|
}else{
|
|
Typecho_Widget::widget('Widget_Notice')->set(_t('两步验证失败'), 'error');
|
|
}
|
|
Typecho_Response::redirect($referer);
|
|
}
|
|
}
|
|
|
|
public function action(){
|
|
$this->widget('Widget_User')->pass('administrator');
|
|
$this->on($this->request->is('otp'))->auth();
|
|
}
|
|
}
|
|
?>
|