dbxe
/
fusionpbx
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
fusionpbx/core/authentication/resources/classes/plugins/email.php

525 lines
20 KiB
PHP
Raw Normal View History

Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
<?php
Authentication - Fix MFA when all methods are enabled.
2023-06-24 23:18:39 +02:00
/*
FusionPBX
Version: MPL 1.1
The contents of this file are subject to the Mozilla Public License Version
1.1 (the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.mozilla.org/MPL/
Software distributed under the License is distributed on an "AS IS" basis,
WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
for the specific language governing rights and limitations under the
License.
The Original Code is FusionPBX
The Initial Developer of the Original Code is
Mark J Crane <markjcrane@fusionpbx.com>
Body Header User Image and Menu, Domain Selector, Contact Attachment improvements.
2024-09-29 00:37:36 +02:00
Portions created by the Initial Developer are Copyright (C) 2008-2024
Authentication - Fix MFA when all methods are enabled.
2023-06-24 23:18:39 +02:00
the Initial Developer. All Rights Reserved.
Contributor(s):
Mark J Crane <markjcrane@fusionpbx.com>
*/
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
/**
* plugin_email
*
* @method email time based one time password authenticate the user
*/
class plugin_email {
/**
* Define variables and their scope
*/
public $domain_name;
public $domain_uuid;
public $username;
public $password;
public $user_uuid;
public $user_email;
public $contact_uuid;
Frytimo pr patches for php8.1 (#6630) * Passing null to parameter #2 ($string) of type string is deprecated * Passing null to parameter #1 ($string) of type string is deprecated * php 8.1 fixes * php 8.1 fixes - replace strlen($var) > 0 with !empty($var) * php 8.1 fixes - replace ${var} with {$var} * php 8.1 fixes - replace ${var} with {$var} * php 8.1 fixes - replace ${var} with {$var} * php 8.1 fixes - replace ${var} with {$var} * php 8.1 fixes - strlower with null * php 8.1 fixes - strreplace with null * php 8.1 fixes - passing null to base64_decode * php 8.1 fixes - check for false and check for null on $this->dir * php 8.1 fixes - remove assignment of $db variable to modules object * php 8.1 fixes - avoid sending null to substr * php 8.1 fixes - change ${var} to {$var} * php 8.1 fixes - check for null before preg_replace * php 8.1 fixes - remove setting db variable on domains object * php 8.1 fixes - set empty string if $row['domain_setting_subcategory'] is null * php 8.1 fixes - set empty string if $_REQUEST['show'] is not available * php 8.1 fixes * php 8.1 fixes - correct $_POST checking syntax * php 8.1 fixes - correct $_POST variables * php 8.1 fixes * Use brackets consistently * Update user_setting_edit.php * Change to not empty * Update device.php * Update text.php --------- Co-authored-by: Tim Fry <tim@voipstratus.com> Co-authored-by: FusionPBX <markjcrane@gmail.com>
2023-05-05 18:46:37 +02:00
public $debug;
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
/**
* time based one time password with email
* @return array [authorized] => true or false
*/
function email() {
Fix a bug where logo was overridden
2024-09-05 18:28:53 +02:00
//pre-process some settings
Refine the authentication email class
2023-05-13 03:33:14 +02:00
$settings['theme']['favicon'] = !empty($_SESSION['theme']['favicon']['text']) ? $_SESSION['theme']['favicon']['text'] : PROJECT_PATH.'/themes/default/favicon.ico';
$settings['login']['destination'] = !empty($_SESSION['login']['destination']['text']) ? $_SESSION['login']['destination']['text'] : '';
$settings['users']['unique'] = !empty($_SESSION['users']['unique']['text']) ? $_SESSION['users']['unique']['text'] : '';
$settings['theme']['logo'] = !empty($_SESSION['theme']['logo']['text']) ? $_SESSION['theme']['logo']['text'] : PROJECT_PATH.'/themes/default/images/logo_login.png';
$settings['theme']['login_logo_width'] = !empty($_SESSION['theme']['login_logo_width']['text']) ? $_SESSION['theme']['login_logo_width']['text'] : 'auto; max-width: 300px';
$settings['theme']['login_logo_height'] = !empty($_SESSION['theme']['login_logo_height']['text']) ? $_SESSION['theme']['login_logo_height']['text'] : 'auto; max-height: 300px';
Authentication: Additional improvements to order execution and invalid creds.
2023-06-25 03:11:49 +02:00
$settings['theme']['message_delay'] = isset($_SESSION['theme']['message_delay']) ? 1000 * (float) $_SESSION['theme']['message_delay'] : 3000;
New setting background_video
2024-06-18 17:32:19 +02:00
$settings['theme']['background_video'] = isset($_SESSION['theme']['background_video'][0]) ? $_SESSION['theme']['background_video'][0] : null;
Add favicon (#6671) * Add favicon * Update totp_secret.htm * Update totp.htm * Update login.htm * Update email.htm * Update totp.php * Update ldap.php * Update email.php * Update database.php
2023-05-07 02:31:48 +02:00
Fix a bug where logo was overridden
2024-09-05 18:28:53 +02:00
//get the domain
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
$domain_array = explode(":", $_SERVER["HTTP_HOST"]);
$domain_name = $domain_array[0];
Fix a bug where logo was overridden
2024-09-05 18:28:53 +02:00
//use the session username
Use the session username when it is set
2023-04-17 19:22:27 +02:00
if (isset($_SESSION['username'])) {
$_POST['username'] = $_SESSION['username'];
$_REQUEST['username'] = $_SESSION['username'];
}
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
//request the username
if (!isset($_POST['username']) && !isset($_POST['authentication_code'])) {
//add multi-lingual support
$language = new text;
$text = $language->get(null, '/core/authentication');
//initialize a template object
$view = new template();
$view->engine = 'smarty';
$view->template_dir = $_SERVER["DOCUMENT_ROOT"].PROJECT_PATH.'/core/authentication/resources/views/';
Template engine use sys_get_temp_dir Used to get the operating system temp directory.
2024-06-26 15:28:37 +02:00
$view->cache_dir = sys_get_temp_dir();
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
$view->init();
//assign default values to the template
Add project_path and login_destination_url
2023-05-11 07:09:43 +02:00
$view->assign("project_path", PROJECT_PATH);
$view->assign("login_destination_url", $settings['login']['destination']);
$view->assign("favicon", $settings['theme']['favicon']);
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
$view->assign("login_title", $text['label-username']);
$view->assign("login_username", $text['label-username']);
Refine the authentication email class
2023-05-13 03:33:14 +02:00
$view->assign("login_logo_width", $settings['theme']['login_logo_width']);
$view->assign("login_logo_height", $settings['theme']['login_logo_height']);
$view->assign("login_logo_source", $settings['theme']['logo']);
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
$view->assign("button_login", $text['button-login']);
Authentication: Additional improvements to order execution and invalid creds.
2023-06-25 03:11:49 +02:00
$view->assign("message_delay", $settings['theme']['message_delay']);
New setting background_video
2024-06-18 17:32:19 +02:00
$view->assign("background_video", $settings['theme']['background_video']);
Remove unused login_destination_url
2023-04-18 17:41:25 +02:00
Authentication: Minor improvements in bad username handling, effort to integrate messages.
2023-06-25 00:40:44 +02:00
//messages
$view->assign('messages', message::html(true, ' '));
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
//show the views
$content = $view->render('username.htm');
echo $content;
exit;
}
//show the authentication code view
if (!isset($_POST['authentication_code'])) {
//get the username
//if (!isset($this->username) && isset($_REQUEST['username'])) {
// $this->username = $_REQUEST['username'];
//}
//get the user details
$sql = "select user_uuid, username, user_email, contact_uuid \n";
$sql .= "from v_users\n";
Allow login with email authentication
2023-05-06 22:44:30 +02:00
$sql .= "where (\n";
$sql .= " username = :username\n";
$sql .= " or user_email = :username\n";
$sql .= ")\n";
Refine the authentication email class
2023-05-13 03:33:14 +02:00
if ($settings['users']['unique'] != "global") {
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
//unique username per domain (not globally unique across system - example: email address)
$sql .= "and domain_uuid = :domain_uuid ";
$parameters['domain_uuid'] = $_SESSION["domain_uuid"];
}
Add user_type is null for better backwarads compatibility
2023-07-14 20:38:45 +02:00
$sql .= "and (user_type = 'default' or user_type is null) ";
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
$parameters['username'] = $_REQUEST['username'];
$database = new database;
$row = $database->select($sql, $parameters, 'row');
unset($parameters);
//set class variables
Frytimo pr patches for php8.1 (#6630) * Passing null to parameter #2 ($string) of type string is deprecated * Passing null to parameter #1 ($string) of type string is deprecated * php 8.1 fixes * php 8.1 fixes - replace strlen($var) > 0 with !empty($var) * php 8.1 fixes - replace ${var} with {$var} * php 8.1 fixes - replace ${var} with {$var} * php 8.1 fixes - replace ${var} with {$var} * php 8.1 fixes - replace ${var} with {$var} * php 8.1 fixes - strlower with null * php 8.1 fixes - strreplace with null * php 8.1 fixes - passing null to base64_decode * php 8.1 fixes - check for false and check for null on $this->dir * php 8.1 fixes - remove assignment of $db variable to modules object * php 8.1 fixes - avoid sending null to substr * php 8.1 fixes - change ${var} to {$var} * php 8.1 fixes - check for null before preg_replace * php 8.1 fixes - remove setting db variable on domains object * php 8.1 fixes - set empty string if $row['domain_setting_subcategory'] is null * php 8.1 fixes - set empty string if $_REQUEST['show'] is not available * php 8.1 fixes * php 8.1 fixes - correct $_POST checking syntax * php 8.1 fixes - correct $_POST variables * php 8.1 fixes * Use brackets consistently * Update user_setting_edit.php * Change to not empty * Update device.php * Update text.php --------- Co-authored-by: Tim Fry <tim@voipstratus.com> Co-authored-by: FusionPBX <markjcrane@gmail.com>
2023-05-05 18:46:37 +02:00
//if (!empty($row["user_email"])) {
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
// $this->user_uuid = $row['user_uuid'];
// $this->user_email = $row['user_email'];
// $this->contact_uuid = $row['contact_uuid'];
//}
//set a few session variables
$_SESSION["user_uuid"] = $row['user_uuid'];
$_SESSION["username"] = $row['username'];
$_SESSION["user_email"] = $row['user_email'];
$_SESSION["contact_uuid"] = $row["contact_uuid"];
Authentication: Minor improvements in bad username handling, effort to integrate messages.
2023-06-25 00:40:44 +02:00
//user not found
if (empty($row) || !is_array($row) || @sizeof($row) == 0) {
//clear submitted usernames
Authentication: Additional improvements to order execution and invalid creds.
2023-06-25 03:11:49 +02:00
unset($this->username, $_SESSION['username'], $_REQUEST['username'], $_POST['username']);
//clear authentication session
unset($_SESSION['authentication']);
Authentication: Minor improvements in bad username handling, effort to integrate messages.
2023-06-25 00:40:44 +02:00
//build the result array
Authentication: Additional improvements to order execution and invalid creds.
2023-06-25 03:11:49 +02:00
$result["plugin"] = "email";
Authentication: Minor improvements in bad username handling, effort to integrate messages.
2023-06-25 00:40:44 +02:00
$result["domain_uuid"] = $_SESSION["domain_uuid"];
$result["domain_name"] = $_SESSION["domain_name"];
$result["authorized"] = false;
//retun the array
return $result;
}
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
//user email not found
Authentication: Minor improvements in bad username handling, effort to integrate messages.
2023-06-25 00:40:44 +02:00
else if (empty($row["user_email"])) {
Authentication: Additional improvements to order execution and invalid creds.
2023-06-25 03:11:49 +02:00
//clear submitted usernames
unset($this->username, $_SESSION['username'], $_REQUEST['username'], $_POST['username']);
//clear authentication session
unset($_SESSION['authentication']);
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
//build the result array
$result["plugin"] = "email";
$result["domain_name"] = $_SESSION["domain_name"];
$result["username"] = $_REQUEST['username'];
$result["user_uuid"] = $_SESSION["user_uuid"];
$result["domain_uuid"] = $_SESSION["domain_uuid"];
$result["contact_uuid"] = $_SESSION["contact_uuid"];
$result["authorized"] = false;
//add the failed login to user logs
user_logs::add($result);
//return the array
return $result;
}
//authentication code
$_SESSION["user"]["authentication"]["email"]["code"] = generate_password(6, 1);
$_SESSION["user"]["authentication"]["email"]["epoch"] = time();
Authentication: Additional improvements to order execution and invalid creds.
2023-06-25 03:11:49 +02:00
//$_SESSION["authentication_address"] = $_SERVER['REMOTE_ADDR'];
//$_SESSION["authentication_date"] = 'now()';
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
//set the authentication code
//$sql = "update v_users \n";
//$sql .= "set auth_code = :auth_code \n";
//$sql .= "where user_uuid = :user_uuid;";
//$parameters['auth_code'] = $auth_code_hash;
//$parameters['user_uuid'] = $this->user_uuid;
//$database->execute($sql, $parameters);
//unset($sql);
//email settings
//$email_address = $this->user_email;
//$email_subject = 'Validation Code';
//$email_body = 'Validation Code: '.$authentication_code;
//send email with the authentication_code
//ob_start();
//$sent = !send_email($email_address, $email_subject, $email_body, $email_error, null, null, 3, 3) ? false : true;
//$response = ob_get_clean();
//get the language code
$language_code = $_SESSION['domain']['language']['code'];
Auth direct email or email queue (#6617) * Auth direct email or email_queue Authentication email plugin improvement * Update email.php
2023-07-12 03:14:20 +02:00
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
//get the email template from the database
$sql = "select template_subject, template_body ";
$sql .= "from v_email_templates ";
$sql .= "where (domain_uuid = :domain_uuid or domain_uuid is null) ";
$sql .= "and template_language = :template_language ";
$sql .= "and template_category = :template_category ";
$sql .= "and template_subcategory = :template_subcategory ";
$sql .= "and template_type = :template_type ";
$sql .= "and template_enabled = 'true' ";
$parameters['domain_uuid'] = $_SESSION["domain_uuid"];
$parameters['template_language'] = $language_code;
$parameters['template_category'] = 'authentication';
$parameters['template_subcategory'] = 'email';
$parameters['template_type'] = 'html';
$database = new database;
$row = $database->select($sql, $parameters, 'row');
$email_subject = $row['template_subject'];
$email_body = $row['template_body'];
unset($sql, $parameters, $row);
//replace variables in email subject
$email_subject = str_replace('${domain_name}', $_SESSION["domain_name"], $email_subject);
//replace variables in email body
$email_body = str_replace('${domain_name}', $_SESSION["domain_name"], $email_body);
$email_body = str_replace('${auth_code}', $_SESSION["user"]["authentication"]["email"]["code"], $email_body);
//get the email from name and address
$email_from_address = $_SESSION['email']['smtp_from']['text'];
$email_from_name = $_SESSION['email']['smtp_from_name']['text'];
Use the email_send_mode
2023-07-12 03:22:43 +02:00
//get the email send mode options: direct or email_queue
$email_send_mode = $_SESSION['authentication']['email_send_mode']['text'] ?? 'email_queue';
Auth direct email or email queue (#6617) * Auth direct email or email_queue Authentication email plugin improvement * Update email.php
2023-07-12 03:14:20 +02:00
Use the email_send_mode
2023-07-12 03:22:43 +02:00
//send the email
if ($email_send_mode == 'email_queue') {
//set the variables
Auth direct email or email queue (#6617) * Auth direct email or email_queue Authentication email plugin improvement * Update email.php
2023-07-12 03:14:20 +02:00
$email_queue_uuid = uuid();
$email_uuid = uuid();
$hostname = gethostname();
//add the temporary permissions
Fix temporary permissions
2024-11-29 21:57:01 +01:00
$p = permissions::new();
Auth direct email or email queue (#6617) * Auth direct email or email_queue Authentication email plugin improvement * Update email.php
2023-07-12 03:14:20 +02:00
$p->add("email_queue_add", 'temp');
$p->add("email_queue_edit", 'temp');
$array['email_queue'][0]["email_queue_uuid"] = $email_queue_uuid;
$array['email_queue'][0]["domain_uuid"] = $_SESSION["domain_uuid"];
$array['email_queue'][0]["hostname"] = $hostname;
$array['email_queue'][0]["email_date"] = 'now()';
$array['email_queue'][0]["email_from"] = $email_from_address;
$array['email_queue'][0]["email_to"] = $_SESSION["user_email"];
$array['email_queue'][0]["email_subject"] = $email_subject;
$array['email_queue'][0]["email_body"] = $email_body;
$array['email_queue'][0]["email_status"] = 'waiting';
$array['email_queue'][0]["email_retry_count"] = 3;
$array['email_queue'][0]["email_uuid"] = $email_uuid;
$array['email_queue'][0]["email_action_before"] = null;
$array['email_queue'][0]["email_action_after"] = null;
$database = new database;
$database->app_name = 'email queue';
$database->app_uuid = '5befdf60-a242-445f-91b3-2e9ee3e0ddf7';
$database->save($array);
$err = $database->message;
unset($array);
//remove the temporary permission
$p->delete("email_queue_add", 'temp');
$p->delete("email_queue_edit", 'temp');
}
else {
//send email - direct
$email = new email;
$email->recipients = $_SESSION["user_email"];
$email->subject = $email_subject;
$email->body = $email_body;
$email->from_address = $email_from_address;
$email->from_name = $email_from_name;
//$email->attachments = $email_attachments;
$email->debug_level = 0;
$email->method = 'direct';
$sent = $email->send();
}
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
//debug informations
//$email_response = $email->response;
//$email_error = $email->email_error;
//echo $email_response."<br />\n";
//echo $email_error."<br />\n";
//get the domain
$domain_array = explode(":", $_SERVER["HTTP_HOST"]);
$domain_name = $domain_array[0];
//create token
//$object = new token;
//$token = $object->create('login');
//add multi-lingual support
$language = new text;
$text = $language->get(null, '/core/authentication');
//initialize a template object
$view = new template();
$view->engine = 'smarty';
$view->template_dir = $_SERVER["DOCUMENT_ROOT"].PROJECT_PATH.'/core/authentication/resources/views/';
Template engine use sys_get_temp_dir Used to get the operating system temp directory.
2024-06-26 15:28:37 +02:00
$view->cache_dir = sys_get_temp_dir();
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
$view->init();
//assign default values to the template
Add project_path and login_destination_url
2023-05-11 07:09:43 +02:00
$view->assign("project_path", PROJECT_PATH);
$view->assign("login_destination_url", $settings['login']['destination']);
$view->assign("favicon", $settings['theme']['favicon']);
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
$view->assign("login_title", $text['label-verify']);
$view->assign("login_email_description", $text['label-email_description']);
$view->assign("login_authentication_code", $text['label-authentication_code']);
Refine the authentication email class
2023-05-13 03:33:14 +02:00
$view->assign("login_logo_width", $settings['theme']['login_logo_width']);
$view->assign("login_logo_height", $settings['theme']['login_logo_height']);
$view->assign("login_logo_source", $settings['theme']['logo']);
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
$view->assign("button_verify", $text['label-verify']);
Authentication: Updates to improve order compatibility.
2023-06-27 04:32:11 +02:00
$view->assign("message_delay", $settings['theme']['message_delay']);
Authentication - Fix MFA when all methods are enabled.
2023-06-24 23:18:39 +02:00
if (!empty($_SESSION['username'])) {
$view->assign("username", $_SESSION['username']);
$view->assign("button_cancel", $text['button-cancel']);
}
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
Authentication: Minor improvements in bad username handling, effort to integrate messages.
2023-06-25 00:40:44 +02:00
//messages
$view->assign('messages', message::html(true, ' '));
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
//show the views
$content = $view->render('email.htm');
echo $content;
exit;
}
//if authorized then verify
if (isset($_POST['authentication_code'])) {
//check if the authentication code has expired. if expired return false
Authentication - Fix MFA when all methods are enabled.
2023-06-24 23:18:39 +02:00
if (!empty($_SESSION["user"]) && $_SESSION["user"]["authentication"]["email"]["epoch"] + 3 > time()) {
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
//authentication code expired
$result["plugin"] = "email";
$result["domain_name"] = $_SESSION["domain_name"];
$result["username"] = $_SESSION["username"];
$result["error_message"] = 'code expired';
$result["authorized"] = false;
print_r($result);
return $result;
exit;
}
//get the user details
Authentication - Fix MFA when all methods are enabled.
2023-06-24 23:18:39 +02:00
$sql = "select user_uuid, user_email, contact_uuid\n";
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
$sql .= "from v_users\n";
Allow login with email authentication
2023-05-06 22:44:30 +02:00
$sql .= "where (\n";
$sql .= " username = :username\n";
$sql .= " or user_email = :username\n";
$sql .= ")\n";
Refine the authentication email class
2023-05-13 03:33:14 +02:00
if ($settings['users']['unique'] != "global") {
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
//unique username per domain (not globally unique across system - example: email address)
$sql .= "and domain_uuid = :domain_uuid ";
$parameters['domain_uuid'] = $_SESSION["domain_uuid"];
}
$parameters['username'] = $_SESSION["username"];
$database = new database;
$row = $database->select($sql, $parameters, 'row');
$this->user_uuid = $row['user_uuid'];
$this->user_email = $row['user_email'];
$this->contact_uuid = $row['contact_uuid'];
unset($parameters);
Authentication: Additional improvements to order execution and invalid creds.
2023-06-25 03:11:49 +02:00
/*
echo 'session code = '.$_SESSION["user"]["authentication"]["email"]["code"].'<br>';
echo 'post code = '.$_POST['authentication_code'].'<br>';
exit;
*/
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
//validate the code
Authentication - Fix MFA when all methods are enabled.
2023-06-24 23:18:39 +02:00
if (!empty($_SESSION["user"]) && $_SESSION["user"]["authentication"]["email"]["code"] === $_POST['authentication_code']) {
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
$auth_valid = true;
}
else {
$auth_valid = false;
}
Authentication - Fix MFA when all methods are enabled.
2023-06-24 23:18:39 +02:00
//clear posted authentication code
unset($_POST['authentication_code']);
Body Header User Image and Menu, Domain Selector, Contact Attachment improvements.
2024-09-29 00:37:36 +02:00
//check if contacts app exists
$contacts_exists = file_exists($_SERVER["DOCUMENT_ROOT"].PROJECT_PATH.'/app/contacts/') ? true : false;
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
//get the user details
if ($auth_valid) {
//get user data from the database
Body Header User Image and Menu, Domain Selector, Contact Attachment improvements.
2024-09-29 00:37:36 +02:00
$sql = "select ";
$sql .= " u.user_uuid, ";
$sql .= " u.username, ";
$sql .= " u.user_email, ";
$sql .= " u.contact_uuid ";
if ($contacts_exists) {
$sql .= ",";
$sql .= "c.contact_organization, ";
$sql .= "c.contact_name_given, ";
$sql .= "c.contact_name_family, ";
$sql .= "a.contact_attachment_uuid ";
}
$sql .= "from ";
$sql .= " v_users as u ";
if ($contacts_exists) {
$sql .= "left join v_contacts as c on u.contact_uuid = c.contact_uuid and u.contact_uuid is not null ";
$sql .= "left join v_contact_attachments as a on u.contact_uuid = a.contact_uuid and u.contact_uuid is not null and a.attachment_primary = 1 and a.attachment_filename is not null and a.attachment_content is not null ";
}
$sql .= "where ";
$sql .= " u.user_uuid = :user_uuid ";
Refine the authentication email class
2023-05-13 03:33:14 +02:00
if ($settings['users']['unique'] != "global") {
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
//unique username per domain (not globally unique across system - example: email address)
Body Header User Image and Menu, Domain Selector, Contact Attachment improvements.
2024-09-29 00:37:36 +02:00
$sql .= "and u.domain_uuid = :domain_uuid ";
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
$parameters['domain_uuid'] = $_SESSION["domain_uuid"];
}
$parameters['user_uuid'] = $_SESSION["user_uuid"];
$database = new database;
$row = $database->select($sql, $parameters, 'row');
unset($parameters);
//set a few session variables
//$_SESSION["username"] = $row['username']; //setting the username makes it skip the rest of the authentication
//$_SESSION["user_email"] = $row['user_email'];
//$_SESSION["contact_uuid"] = $row["contact_uuid"];
}
else {
Authentication: Additional improvements to order execution and invalid creds.
2023-06-25 03:11:49 +02:00
// //destroy session
// session_unset();
// session_destroy();
// //$_SESSION['authentication']['plugin']
// //send http 403
// header('HTTP/1.0 403 Forbidden', true, 403);
//
// //redirect to the root of the website
// header("Location: ".PROJECT_PATH."/");
//
// //exit the code
// exit();
//clear submitted usernames
unset($this->username, $_SESSION['username'], $_REQUEST['username'], $_POST['username']);
//clear authentication session
unset($_SESSION['authentication']);
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
}
/*
//check if user successfully logged in during the interval
//$sql = "select user_log_uuid, timestamp, user_name, user_agent, remote_address ";
$sql = "select count(*) as count ";
$sql .= "from v_user_logs ";
$sql .= "where domain_uuid = :domain_uuid ";
$sql .= "and user_uuid = :user_uuid ";
$sql .= "and user_agent = :user_agent ";
$sql .= "and type = 'login' ";
$sql .= "and result = 'success' ";
$sql .= "and floor(extract(epoch from now()) - extract(epoch from timestamp)) > 3 ";
$sql .= "and floor(extract(epoch from now()) - extract(epoch from timestamp)) < 300 ";
$parameters['domain_uuid'] = $this->domain_uuid;
$parameters['user_uuid'] = $this->user_uuid;
$parameters['user_agent'] = $_SERVER['HTTP_USER_AGENT'];
$database = new database;
$user_log_count = $database->select($sql, $parameters, 'all');
//view_array($user_log_count);
unset($sql, $parameters);
*/
//result array
$result["plugin"] = "email";
$result["domain_name"] = $_SESSION["domain_name"];
$result["username"] = $_SESSION["username"];
$result["user_uuid"] = $_SESSION["user_uuid"];
$result["domain_uuid"] = $_SESSION["domain_uuid"];
Body Header User Image and Menu, Domain Selector, Contact Attachment improvements.
2024-09-29 00:37:36 +02:00
if ($contacts_exists) {
$result["contact_uuid"] = $_SESSION["contact_uuid"];
$result["contact_organization"] = $row["contact_organization"];
$result["contact_name_given"] = $row["contact_name_given"];
$result["contact_name_family"] = $row["contact_name_family"];
$result["contact_image"] = $row["contact_attachment_uuid"];
}
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
$result["authorized"] = $auth_valid ? true : false;
Authentication: Additional improvements to order execution and invalid creds.
2023-06-25 03:11:49 +02:00
//add the failed login to user logs
if (!$auth_valid) {
user_logs::add($result);
}
//retun the array
Add mutli-factor authentication.
2023-04-16 09:10:39 +02:00
return $result;
//$_SESSION['authentication']['plugin']['email']['plugin'] = "email";
//$_SESSION['authentication']['plugin']['email']['domain_name'] = $_SESSION["domain_name"];
//$_SESSION['authentication']['plugin']['email']['username'] = $row['username'];
//$_SESSION['authentication']['plugin']['email']['user_uuid'] = $_SESSION["user_uuid"];
//$_SESSION['authentication']['plugin']['email']['contact_uuid'] = $_SESSION["contact_uuid"];
//$_SESSION['authentication']['plugin']['email']['domain_uuid'] = $_SESSION["domain_uuid"];
//$_SESSION['authentication']['plugin']['email']['authorized'] = $auth_valid ? true : false;
}
}
}
New setting background_video
2024-06-18 17:32:19 +02:00
?>