<?php
/**
* ---------------------------------------------------------------------
*
* GLPI - Gestionnaire Libre de Parc Informatique
*
* http://glpi-project.org
*
* @copyright 2015-2026 Teclib' and contributors.
* @licence https://www.gnu.org/licenses/gpl-3.0.html
*
* ---------------------------------------------------------------------
*
* LICENSE
*
* This file is part of GLPI.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*
* ---------------------------------------------------------------------
*/
declare(strict_types=1);
namespace Glpi\Controller\Security;
use Glpi\Application\View\TemplateRenderer;
use Glpi\Controller\AbstractController;
use Glpi\Exception\RedirectException;
use Glpi\Http\Firewall;
use Glpi\Security\Attribute\SecurityStrategy;
use Glpi\Security\ReAuthManager;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Attribute\Route;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
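/**
 * Serves the re-authentication prompt and checks the TOTP code submitted from it.
 *
 * All verification logic is delegated to ReAuthManager; this class only maps
 * the two routes onto it.
 */
class ReAuthController extends AbstractController
{
    private ReAuthManager $reAuthManager;

    /**
     * @param UrlGeneratorInterface|null $router Generator used to build the URL of the
     *                                           verification route; nullable in the signature,
     *                                           but prompt() cannot work without it.
     */
    public function __construct(
        private readonly ?UrlGeneratorInterface $router = null
    ) {
        $this->reAuthManager = new ReAuthManager();
    }

    /**
     * Renders the code-entry form, posting to the `reauth_verify` route.
     *
     * NOTE(review): this route is declared with Firewall::STRATEGY_NO_CHECK, while
     * verify() declares no strategy of its own. A re-authentication prompt presumably
     * only makes sense for an existing session - confirm that skipping the firewall
     * check here is intended.
     * NOTE(review): the `redirect` value comes from ReAuthManager::getRedirectSuccessURL();
     * confirm that the manager restricts it to same-origin targets.
     *
     * @throws \LogicException when the controller was built without a URL generator
     */
    #[Route(
        path: "/ReAuth/Prompt",
        name: "reauth_prompt",
        methods: ['GET']
    )]
    #[SecurityStrategy(Firewall::STRATEGY_NO_CHECK)]
    public function prompt(Request $request): Response
    {
        // The constructor accepts null, so fail with an explicit message instead of
        // a "call to a member function on null" error.
        if ($this->router === null) {
            throw new \LogicException('A URL generator is required to render the re-authentication prompt.');
        }

        $content = TemplateRenderer::getInstance()->render('pages/2fa/2fa_request.html.twig', [
            'redirect' => $this->reAuthManager->getRedirectSuccessURL(),
            'action'   => $this->router->generate('reauth_verify'),
        ]);

        return new Response($content);
    }

    /**
     * Checks the submitted TOTP code and redirects on success.
     *
     * NOTE(review): no attempt limiting is visible in this controller; confirm that
     * ReAuthManager::verify() throttles repeated guesses.
     *
     * @throws RedirectException on a valid code, pointing at the manager's success URL
     * @throws \Exception        on an invalid code (placeholder, see the end of the method)
     */
    #[Route(
        path: "/ReAuth/Verify",
        name: "reauth_verify",
        methods: ['POST']
    )]
    public function verify(Request $request): void
    {
        // Read the code from the POST body only. Request::get() also looks at route
        // attributes and the query string, which would let the code travel in a URL
        // (and so into access logs and browser history) on a POST-only route.
        $submitted = $request->request->all()['totp_code'] ?? '';

        // The field may arrive as an array of parts; join them. Non-scalar entries
        // are dropped because they cannot belong to a code.
        if (is_array($submitted)) {
            $submitted = implode('', array_filter($submitted, is_scalar(...)));
        }
        $totp_code = (string) $submitted;

        // @todo move the array handling into ReAuthManager::verify()?
        if ($this->reAuthManager->verify($totp_code)) {
            $this->reAuthManager->authenticate();

            // @todo to preserve the POST data (when the re-authentication is no longer valid
            // at the time the form is submitted), a form holding the stored POST data must
            // be displayed ($this->reAuthManager->getPostDataForRedirect())
            throw new RedirectException($this->reAuthManager->getRedirectSuccessURL());
        }

        // NOTE(review): placeholder failure path. The message is a developer note in French
        // ("verification failed: redirect where? a small block with an error message and a
        // button to go back to the previous page?"). A wrong code currently surfaces as a
        // generic exception; it should become a handled error response.
        throw new \Exception('Vérif ratée : Rediriger vers ? petit bloc avec message d\'erreur et bouton pour revenir à la page précédente ?');
    }
}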