1<?php 2// must be run within Dokuwiki 3if (!defined('DOKU_INC')) die(); 4require_once(dirname(__FILE__).'/TokenHelper.php'); 5require_once(dirname(__FILE__).'/GoogleAuthenticator.php'); 6/** 7 * Google Authenticator Two Factor Form Action Plugin 8 * 9 * @author Andreas Boehler dev@aboehler.at 10 * @author Daniel Popp dan@danpopp.net 11 */ 12class action_plugin_authg2fa extends DokuWiki_Action_Plugin { 13 14 /** 15 * Registers the event handlers. 16 */ 17 function register(Doku_Event_Handler $controller) 18 { 19 $enable = $this->getConf("g2fa_enable"); 20 if($enable===1) { 21 $controller->register_hook('HTML_LOGINFORM_OUTPUT', 'BEFORE', $this, 'two_fa_login_form', array()); 22 $controller->register_hook('HTML_UPDATEPROFILEFORM_OUTPUT', 'AFTER', $this, 'handle_profile_form', array()); 23 } 24 } 25 /** 26 * Handles the login form rendering. 27 */ 28 function two_fa_login_form(&$event, $param) { 29 global $conf; 30 31 // Show login form above submit button (and above remember me option, if enabled) 32 $pos = $event->data->findElementByAttribute('type', 'submit'); 33 if($conf["rememberme"]) 34 $pos = $pos-1; 35 $event->data->insertElement($pos, form_makePasswordField('t', $this->getLang('g2fa'), '', 'block')); 36 } 37 38 function handle_profile_form(&$event, $param) { 39 global $ID; 40 global $INPUT; 41 42 $fn = $INPUT->param('fn'); 43 if(is_array($fn)) { 44 $cmd = key($fn); 45 $param = is_array($fn[$cmd]) ? key($fn[$cmd]) : null; 46 } else { 47 $cmd = $fn; 48 $param = null; 49 } 50 51 $th = new TokenHelper(); 52 $secret = $th->getSecret($_SERVER['REMOTE_USER']); 53 54 $form = new Doku_Form($ID); 55 $form->startFieldset($this->getLang('g2fa_fieldset')); 56 $form->addHidden('do', 'profile'); 57 $form->addHidden('g2fa', '1'); 58 $reveal = false; 59 60 61 62 switch($cmd) { 63 case "gensecret" : 64 if($th->createTokenForUser($_SERVER['REMOTE_USER'])) { 65 msg($this->getLang('g2fa_created')); 66 $secret = $th->getSecret($_SERVER['REMOTE_USER']); 67 } 68 break; 69 case "update": 70 if($INPUT->param('secret') == "********") 71 { 72 msg($this->getLang('g2fa_notchanged')); 73 break; 74 } 75 if($th->saveToken($_SERVER['REMOTE_USER'], $INPUT->param('secret'))) 76 msg($this->getLang('g2fa_updated')); 77 else 78 msg($this->getLang('g2fa_notchanged')); 79 $secret = $th->getSecret($_SERVER['REMOTE_USER']); 80 break; 81 case "showqr" : 82 if($secret != '') { 83 $ga = new PHPGangsta_GoogleAuthenticator(); 84 $url = $ga->getQRCodeGoogleUrl(urlencode('DokuWiki:'.$_SERVER['REMOTE_USER']), $secret); 85 $form->addElement(form_makeTag('img', array('src' => $url, 'alt' => 'Google 2FA QR Image'))); 86 $form->addElement(form_makeTag('br')); 87 $reveal = true; 88 } 89 break; 90 case "delsecret" : 91 if($th->deleteTokenForUser($_SERVER['REMOTE_USER'])) { 92 msg($this->getLang('g2fa_removed')); 93 $secret = ''; 94 } 95 break; 96 } 97 if($reveal) { 98 $form->addElement(form_makeTextField('secret', $secret, $this->getLang('secret'), '', 'block', array('size'=>'50'))); 99 } else { 100 $form->addElement(form_makeTextField('secret', '********', $this->getLang('secret'), '', 'block', array('size'=>'50'))); 101 } 102 $form->addElement(form_makeButton('submit', '', $this->getLang('showqr'), array('name' => 'fn[showqr]', 'disabled' => $secret == '' ? 'disabled' : ''))); 103 $form->addElement(form_makeTag('br')); 104 $form->addElement(form_makeButton('submit', '', $this->getLang('generate'), array('name' => 'fn[gensecret]'))); 105 $form->addElement(form_makeButton('submit', '', $this->getLang('update'), array('name' => 'fn[update]'))); 106 $form->addElement(form_makeTag('br')); 107 $form->addElement(form_makeButton('submit', '', $this->getLang('delete'), array('name' => 'fn[delsecret]', 'disabled' => $secret == '' ? 'disabled' : '' ))); 108 $form->endFieldset(); 109 html_form('g2fa', $form); 110 } 111 112} 113?> 114