Stud.IP  4.0
 All Data Structures Namespaces Files Functions Variables Groups
TwoFactorAuth Class Reference

Public Member Functions

 secureSession ()
 
 confirm ($action, $text, array $data=[])
 

Static Public Member Functions

static get ()
 
static isEnabledForUser (User $user=null)
 
static removeCookie ()
 

Data Fields

const SESSION_KEY = 'tfa/confirmed'
 
const SESSION_REDIRECT = 'tfa/redirect'
 
const SESSION_ENFORCE = 'tfa/enforce'
 
const SESSION_DATA = 'tfa/data'
 
const SESSION_CONFIRMATIONS = 'tfa/confirmations'
 
const SESSION_FAILED = 'tfa/failed'
 
const COOKIE_KEY = 'tfa/authentication'
 

Detailed Description

Class handling the two factor authentication

Author
Jan-Hendrik Willms tleil.nosp@m.ax+s.nosp@m.tudip.nosp@m.@gma.nosp@m.il.co.nosp@m.m GPL2 or any later version
Since
Stud.IP 4.4
See Also
TFASecret model

Member Function Documentation

confirm (   $action,
  $text,
array  $data = [] 
)

Requests a 2fa token input to confirm a specific action.

Parameters
string$actionName of the action to confirm
string$textText to display to the user
array$dataOptional additional data to pass to the confirmation screen (for internal use)
static get ( )
static

Returns an instance of the authentication

Returns
TwoFactorAuth object
static isEnabledForUser ( User  $user = null)
static

Returns whether the two factor authentication is enabled for the given user (defaults to current user). The user's permissions decide whether the two factor authentication is enabled or not.

Parameters
User$userUser to check (optional, defaults to current user)
Returns
boolean
static removeCookie ( )
static
secureSession ( )

Secures the current session, if applicable.

This method checks the following:

  • is 2fa enabled for the current user
  • is the request an ajax call
  • does the user have a secret, meaning 2fa is enabled
  • is the secret already confirmed
  • has the session already been confirmed (identified by a valid random token stored in the session)
  • is the computer trusted (identified by a valid random token stored in a cookie)

If the user has 2fa enabled, it's secret is confirmed and the session has not been secured yet, a validation screen with a prompt to enter a valid token is presented to the user.

Field Documentation

const COOKIE_KEY = 'tfa/authentication'
const SESSION_CONFIRMATIONS = 'tfa/confirmations'
const SESSION_DATA = 'tfa/data'
const SESSION_ENFORCE = 'tfa/enforce'
const SESSION_FAILED = 'tfa/failed'
const SESSION_KEY = 'tfa/confirmed'
const SESSION_REDIRECT = 'tfa/redirect'

The documentation for this class was generated from the following file: