1C-Bitrix 25.700.0
Загрузка...
Поиск...
Не найдено
authcode.php
См. документацию.
1<?php
8namespace Bitrix\Main\Controller;
9
10use Bitrix\Main;
11use Bitrix\Main\Component;
12use Bitrix\Main\Localization\Loc;
13use Bitrix\Main\Authentication\Method;
14use Bitrix\Security\Mfa;
15
16class AuthCode extends Main\Engine\Controller
17{
18 const SIGNATURE_SALT = 'phone_auth_email';
19
25 public function sendEmailAction($login)
26 {
27 if($login == '')
28 {
29 $this->addError(new Main\Error(Loc::getMessage("main_authcode_incorrect_request"), "ERR_PARAMS"));
30 return null;
31 }
32
33 $result = \CUser::SendPassword($login, "", false, "", 0, "", true);
34
36 $checkResult = $result["RESULT"];
37 if($checkResult)
38 {
39 $intervals = $checkResult->getData();
40 }
41 else
42 {
43 $intervals = [];
44 }
45
46 if($result["TYPE"] == "ERROR")
47 {
48 $errorCode = ($checkResult? "ERR_TIMEOUT" : "ERR_NOT_FOUND");
49 $this->addError(new Main\Error($result["MESSAGE"], $errorCode, $intervals));
50 return null;
51 }
52
53 return [
54 'signedData' => Component\ParameterSigner::signParameters(
55 self::SIGNATURE_SALT,
56 ['userId' => $result["USER_ID"]]
57 ),
58 'intervals' => $intervals,
59 ];
60 }
61
68 public function confirmAction($code, $signedData)
69 {
70 global $USER;
71
72 try
73 {
74 $params = Component\ParameterSigner::unsignParameters(self::SIGNATURE_SALT, $signedData);
75 }
76 catch(Main\SystemException)
77 {
78 $this->addError(new Main\Error(Loc::getMessage("main_authcode_incorrect_request"), "ERR_SIGNATURE"));
79 return null;
80 }
81
82 if(!$params["userId"])
83 {
84 $this->addError(new Main\Error(Loc::getMessage("main_authcode_incorrect_request"), "ERR_USER_ID"));
85 return null;
86 }
87
88 if(!preg_match('/^[0-9]{6}$/', $code))
89 {
90 $this->addError(new Main\Error(Loc::getMessage("main_authcode_incorrect_code"), "ERR_FORMAT_CODE"));
91 return null;
92 }
93
94 $context = new Main\Authentication\Context();
95 $context->setUserId($params["userId"]);
96
97 $shortCode = new Main\Authentication\ShortCode($context);
98
99 $result = $shortCode->verify($code);
100
101 if($result->isSuccess())
102 {
103 $codeUser = $shortCode->getUser();
104 if(!$USER->IsAuthorized() && $codeUser->getActive() && !$codeUser->getBlocked())
105 {
106 if(Main\Loader::includeModule("security"))
107 {
108 if(!Mfa\Otp::verifyUser(["USER_ID" => $params["userId"]]))
109 {
110 $this->addError(new Main\Error(Loc::getMessage("main_authcode_otp_required"), 'ERR_OTP_REQUIRED'));
111
112 $this->checkOtpCaptcha();
113
114 return null;
115 }
116 }
117 $context->setMethod(Method::EmailCode);
118 $USER->Authorize($context);
119 }
120 return true;
121 }
122 else
123 {
124 //replace the error message with the more specific one
125 if($result->getErrorCollection()->getErrorByCode("ERR_CONFIRM_CODE") !== null)
126 {
127 $this->addError(new Main\Error(Loc::getMessage("main_authcode_incorrect_code_input"), 'ERR_CONFIRM_CODE'));
128 }
129 if($result->getErrorCollection()->getErrorByCode("ERR_RETRY_COUNT") !== null)
130 {
131 $this->addError(new Main\Error(Loc::getMessage("main_authcode_retry_count"), "ERR_RETRY_COUNT"));
132 }
133 return null;
134 }
135 }
136
144 public function loginByOtpAction($otp, $captchaSid = "", $captchaWord = "")
145 {
146 global $USER;
147
148 $authResult = $USER->LoginByOtp($otp, "N", $captchaWord, $captchaSid);
149
150 if($authResult !== true)
151 {
152 $this->addError(new Main\Error($authResult["MESSAGE"], "ERR_OTP_CODE"));
153
154 if(Main\Loader::includeModule("security"))
155 {
156 $this->checkOtpCaptcha();
157 }
158 return null;
159 }
160
161 return true;
162 }
163
164 protected function checkOtpCaptcha()
165 {
166 global $APPLICATION;
167
168 if(Mfa\Otp::isCaptchaRequired())
169 {
170 $this->addError(
171 new Main\Error(
172 Loc::getMessage("main_authcode_otp_captcha_required"),
173 'ERR_OTP_CAPTCHA_REQUIRED',
174 [
175 "captchaSid" => $APPLICATION->CaptchaGetCode(),
176 ]
177 )
178 );
179 }
180 }
181
182 public function configureActions()
183 {
184 return [
185 'sendEmail' => [
186 '-prefilters' => [
187 Main\Engine\ActionFilter\Authentication::class,
188 ],
189 ],
190 'confirm' => [
191 '-prefilters' => [
192 Main\Engine\ActionFilter\Authentication::class,
193 ],
194 ],
195 'loginByOtp' => [
196 '-prefilters' => [
197 Main\Engine\ActionFilter\Authentication::class,
198 ],
199 ],
200 ];
201 }
202}
$APPLICATION
global $APPLICATION
Определения include.php:80
$login
$login
Определения change_password.php:8
Bitrix\Main\Component\ParameterSigner\signParameters
static signParameters($componentName, $parameters)
Определения parametersigner.php:19
Bitrix\Main\Component\ParameterSigner\unsignParameters
static unsignParameters($componentName, $signedParameters)
Определения parametersigner.php:37
Bitrix\Main\Controller\AuthCode\SIGNATURE_SALT
const SIGNATURE_SALT
Определения authcode.php:18
Bitrix\Main\Controller\AuthCode\confirmAction
confirmAction($code, $signedData)
Определения authcode.php:68
Bitrix\Main\Controller\AuthCode\loginByOtpAction
loginByOtpAction($otp, $captchaSid="", $captchaWord="")
Определения authcode.php:144
Bitrix\Main\Engine\Controller\addError
addError(Error $error)
Определения controller.php:1070
Bitrix\Main\Error
Определения error.php:15
Bitrix\Main\Loader\includeModule
static includeModule($moduleName)
Определения loader.php:67
Bitrix\Security\Mfa\Otp\isCaptchaRequired
static isCaptchaRequired()
Определения otp.php:1335
Bitrix\Security\Mfa\Otp\verifyUser
static verifyUser(array $params)
Определения otp.php:1143
$result
$result
Определения get_property_values.php:14
$USER
global $USER
Определения csv_new_run.php:40
$context
$context
Определения csv_new_setup.php:223
$code
if(!is_null($config))($config as $configItem)(! $configItem->isVisible()) $code
Определения options.php:195
Bitrix\Main\Context
Определения culture.php:9
$params
if($inWords) echo htmlspecialcharsbx(Number2Word_Rus(roundEx($totalVatSum $params['CURRENCY']
Определения template.php:799
$otp
$otp
Определения options_user_settings.php:33