
function GoogleAuthenticator::authenticateUser in Google Authenticator login 6

Same name and namespace in other branches
  1. 7 ga4php.php \GoogleAuthenticator::authenticateUser()
1 method overrides GoogleAuthenticator::authenticateUser()
ga_loginGA::authenticateUser in ./ga_login.class.php

File

./ga4php.php, line 152

Class

GoogleAuthenticator

Code

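/**
 * Verifies a one-time code for a user against that user's stored token.
 *
 * The code must be exactly six ASCII digits (surrounding whitespace is
 * trimmed first). Token data is loaded with internalGetData(). For HOTP
 * tokens the counters tokencounter + 1 up to, but not including,
 * tokencounter + hotpSkew are tried, and the matching counter is stored
 * with internalPutData() so the same code is not accepted again. For TOTP
 * tokens every time step within totpSkew periods either side of the
 * current time is tried.
 *
 * Security notes:
 *  - Candidate codes are compared as fixed-width strings, in constant time
 *    where hash_equals() is available, instead of with loose `==`.
 *  - The submitted code, the expected code and the token key are never
 *    written to the error log.
 *  - NOTE(review): TOTP has no replay protection here; an accepted code
 *    stays valid for the rest of the skew window. Closing that gap needs the
 *    last accepted time step to be stored with the token data.
 *  - NOTE(review): nothing in this method limits the number of attempts;
 *    rate limiting has to be enforced by the caller.
 *
 * @param string $username
 *   Name of the user whose token data is looked up.
 * @param string $code
 *   The one-time code submitted by the user.
 *
 * @return bool
 *   TRUE when the code matches, FALSE otherwise. On a format error or a
 *   missing token, $this->errorText holds a short reason.
 */
function authenticateUser($username, $code) {
  // Anchor the pattern: the original unanchored match accepted any input
  // that merely contained six consecutive digits. \z (unlike $) does not
  // allow a trailing newline.
  $code = is_scalar($code) ? trim((string) $code) : '';
  if (preg_match('/\A[0-9]{6}\z/', $code) !== 1) {
    $this->errorText = "6 digits please";
    return false;
  }

  $tokendata = $this
    ->internalGetData($username);

  // A failed lookup (non-array result) is treated like a missing token.
  if (!is_array($tokendata) || !isset($tokendata["tokenkey"]) || $tokendata["tokenkey"] == "") {
    $this->errorText = "No Assigned Token";
    return false;
  }

  $ttype = isset($tokendata["tokentype"]) ? $tokendata["tokentype"] : "";
  $tkey = $tokendata["tokenkey"];

  switch ($ttype) {
    case "HOTP":
      error_log("in hotp");
      $tlid = isset($tokendata["tokencounter"]) ? (int) $tokendata["tokencounter"] : 0;
      $st = $tlid + 1;
      // NOTE(review): with `<` below, only hotpSkew - 1 counters are
      // tried. Kept as in the original; confirm this is intended.
      $en = $tlid + $this->hotpSkew;
      for ($i = $st; $i < $en; $i++) {
        // Left-pad so that the string comparison still accepts codes with
        // leading zeros should oath_hotp() return an unpadded value.
        $stest = str_pad((string) $this
          ->oath_hotp($tkey, $i), 6, "0", STR_PAD_LEFT);
        $matched = function_exists('hash_equals') ? hash_equals($stest, $code) : ($stest === $code);
        if ($matched) {
          // Advance the stored counter so this code cannot be replayed.
          // NOTE(review): the result of internalPutData() is not checked;
          // if the write fails the same code remains acceptable.
          $tokendata["tokencounter"] = $i;
          $this
            ->internalPutData($username, $tokendata);
          return true;
        }
      }
      return false;

    case "TOTP":
      error_log("in totp");
      $period = isset($tokendata["tokentimer"]) ? (int) $tokendata["tokentimer"] : 0;
      if ($period <= 0) {
        // A missing or zero period would cause a division by zero below.
        return false;
      }
      $t_now = time();
      $t_ear = $t_now - $this->totpSkew * $period;
      $t_lat = $t_now + $this->totpSkew * $period;
      $t_st = (int) ($t_ear / $period);
      $t_en = (int) ($t_lat / $period);

      for ($i = $t_st; $i <= $t_en; $i++) {
        $stest = str_pad((string) $this
          ->oath_hotp($tkey, $i), 6, "0", STR_PAD_LEFT);
        // Deliberately no logging here: the original wrote the submitted
        // code, the expected code and the token key to the error log.
        $matched = function_exists('hash_equals') ? hash_equals($stest, $code) : ($stest === $code);
        if ($matched) {
          return true;
        }
      }
      return false;

    default:
      return false;
  }
}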