
miniorange_2fa.module in Google Authenticator / 2 Factor Authentication - 2FA 8


Module file for miniOrange 2FA Module.

File

miniorange_2fa.module
<?php

/**
 * @file
 * Module file for miniOrange 2FA Module.
 */
use Drupal\user\Entity\User;
use Drupal\miniorange_2fa\MoAuthUtilities;
use Drupal\miniorange_2fa\MiniorangeCustomerProfile;
use Symfony\Component\HttpFoundation\RedirectResponse;
/**
 * Implements hook_page_attachments().
 *
 * Appends the module's admin asset library to the page's attached libraries.
 *
 * @param array $attachments
 *   Render array of page attachments, modified in place.
 */
function miniorange_2fa_page_attachments(array &$attachments) {
  $library = 'miniorange_2fa/miniorange_2fa.admin';
  $attachments['#attached']['library'][] = $library;
}
/**
 * Implements hook_form_alter().
 *
 * Hooks the module's submit handler into the login forms once the site is
 * registered with miniOrange and two-factor login is enabled.
 *
 * In "only 2nd factor" mode the password element, the actions container and
 * the form's '#validate' list are removed, and a single submit button wired
 * to miniorange_2fa_form_alter_submit() is added. Dropping '#validate' means
 * none of the validators attached to the form run on this path, so the
 * submit handler is the only check left.
 *
 * NOTE(review): 'mo_auth_2fa_use_pass' is a site-wide configuration value,
 * not per-visitor state. It is read here and cleared below, so one visitor's
 * request can change the form the next visitor receives.
 *
 * NOTE(review): 'user_profile_form' is treated like the login forms here, so
 * the same stripping applies to it in "only 2nd factor" mode. Confirm that
 * is intended.
 *
 * @param array $form
 *   The form render array, modified in place.
 * @param \Drupal\Core\Form\FormStateInterface $form_state
 *   The current form state (unused).
 * @param string $form_id
 *   The id of the form being altered.
 */
function miniorange_2fa_form_alter(&$form, \Drupal\Core\Form\FormStateInterface $form_state, $form_id) {
  $handled_form_ids = ['user_login_block', 'user_login_form', 'user_profile_form'];
  if (!in_array($form_id, $handled_form_ids)) {
    return;
  }
  if (!MoAuthUtilities::isCustomerRegistered()) {
    return;
  }

  $settings = \Drupal::config('miniorange_2fa.settings');
  $two_factor_enabled = $settings->get('mo_auth_enable_two_factor');
  // check_white_IPs() is defined outside this file; presumably an IP
  // allow-list that exempts the request from 2FA. Confirm how it derives the
  // client address before relying on it.
  if (!$two_factor_enabled || MoAuthUtilities::check_white_IPs()) {
    return;
  }

  // The altered form must not be served from the page cache.
  \Drupal::service('page_cache_kill_switch')->trigger();

  $passwordless = $settings->get('mo_auth_use_only_2nd_factor');
  $password_requested = $settings->get('mo_auth_2fa_use_pass');

  if (!$passwordless || isset($password_requested)) {
    // Regular flow: run the module's handler ahead of the form's existing
    // submit handlers and reset the "ask for a password" flag.
    array_unshift($form['#submit'], 'miniorange_2fa_form_alter_submit');
    \Drupal::configFactory()
      ->getEditable('miniorange_2fa.settings')
      ->clear('mo_auth_2fa_use_pass')
      ->save();
    return;
  }

  // Passwordless flow: strip the password field, the stock buttons and every
  // validator, leaving only the user name and the button added below.
  unset($form['pass'], $form['actions'], $form['#validate']);
  $form['minorange_login_tfa'] = [
    '#type' => 'submit',
    '#value' => t('Login with 2nd Factor'),
    '#submit' => [
      'miniorange_2fa_form_alter_submit',
    ],
    '#prefix' => '<br><br><br>',
  ];
}
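/**
 * Submit handler attached to the login forms by miniorange_2fa_form_alter().
 *
 * Checks the posted password where one is required, then either redirects
 * the account to the second-factor challenge or inline registration route,
 * or completes the login.
 *
 * Security notes:
 * - The session is only finalized here when a password was verified in this
 *   request. Previously, in "only 2nd factor" mode, a request carrying just
 *   a user name could reach user_login_finalize() whenever no second-factor
 *   redirect applied (role not subject to 2FA, or a non-paid license without
 *   the administrator match), logging the account in with no factor checked.
 *   That case now falls back to asking for the password.
 * - Blocked accounts are rejected here, because the passwordless form has
 *   its '#validate' list removed and so no other check runs on that path.
 * - NOTE(review): no attempt limiting is visible in this handler; confirm
 *   that the passwordless path is rate limited elsewhere.
 * - NOTE(review): the redirect targets carry the user id in the URL. The
 *   routes behind them are outside this file and must verify the second
 *   factor themselves before creating a session.
 *
 * @param array $form
 *   The submitted form (unused).
 * @param \Drupal\Core\Form\FormStateInterface $form_state
 *   The form state (unused; values are read from the raw POST data).
 */
function miniorange_2fa_form_alter_submit(&$form, \Drupal\Core\Form\FormStateInterface $form_state) {
  global $base_url;

  $settings = \Drupal::config('miniorange_2fa.settings');
  $mo_auth_use_only_2nd_factor = $settings->get('mo_auth_use_only_2nd_factor');
  \Drupal::messenger()->deleteAll();

  // Sends the redirect immediately and ends the request.
  $redirect_and_exit = static function ($url) {
    $response = new RedirectResponse($url);
    $response->send();
    exit;
  };

  // Raw POST values are client-controlled and may be missing or arrays, so
  // only strings are accepted.
  $username = isset($_POST['name']) && is_string($_POST['name']) ? $_POST['name'] : '';
  $pass_submitted = isset($_POST['pass']);
  $password = $pass_submitted && is_string($_POST['pass']) ? $_POST['pass'] : NULL;

  // Remembers whether the password was actually checked in this request, so
  // the final login step cannot be reached on a user name alone.
  $password_verified = FALSE;
  if (!$mo_auth_use_only_2nd_factor || $pass_submitted) {
    // NOTE(review): this only edits the superglobal; confirm it has the
    // intended effect on the redirect destination.
    unset($_GET['destination']);
    if ($password === NULL || !\Drupal::service('user.auth')->authenticate($username, $password)) {
      \Drupal::messenger()->addMessage(t('Invalid username/password'), 'error');
      return;
    }
    $password_verified = TRUE;
  }

  $user = user_load_by_name($username);
  // Same generic message for unknown and blocked accounts, so the response
  // does not reveal which of the two applies.
  if (!$user || $user->isBlocked()) {
    \Drupal::messenger()->addMessage(t('Invalid credentials'), 'error');
    return;
  }
  $user_id = $user->id();
  $roles = $user->getRoles();

  // E-mail the account was registered with for 2FA, if any.
  $user_email = NULL;
  $custom_attribute = MoAuthUtilities::get_users_custom_attribute($user_id);
  if (count($custom_attribute) > 0) {
    $user_email = $custom_attribute[0]->miniorange_registered_email;
  }

  $customer = new MiniorangeCustomerProfile();
  $loginSettings = $settings->get('mo_auth_enforce_inline_registration');
  $license_type = $settings->get('mo_auth_2fa_license_type');
  if ($license_type == '') {
    $license_type = 'DEMO';
  }
  $is_paid_license = $license_type == 'PREMIUM'
    || $license_type == 'DRUPAL_2FA_PLUGIN'
    || $license_type == 'DRUPAL8_2FA_MODULE';

  // Passwordless attempt for an account with no second factor configured:
  // make the login form show the password field again.
  // NOTE(review): this flag is site-wide configuration, so it also changes
  // the form other visitors receive.
  if (empty($user_email) && $mo_auth_use_only_2nd_factor && !$pass_submitted) {
    \Drupal::configFactory()
      ->getEditable('miniorange_2fa.settings')
      ->set('mo_auth_2fa_use_pass', TRUE)
      ->save();
    return;
  }

  // Role based 2FA check.
  if (MoAuthUtilities::check_roles_to_invoke_2fa($roles)) {
    if (!empty($user_email)) {
      \Drupal::configFactory()
        ->getEditable('miniorange_2fa.settings')
        ->set('mo_auth_challanged', 0)
        ->save();
      $is_registered_admin = in_array('administrator', $roles, TRUE)
        && $user_email == $customer->getRegisteredEmail();
      if ($is_paid_license || $is_registered_admin) {
        $redirect_and_exit($base_url . '/login/user/' . $user_id . '/authenticate');
      }
    }
    elseif ($is_paid_license && $loginSettings) {
      $redirect_and_exit($base_url . '/login/user/' . $user_id . '/register');
    }
  }

  // No second-factor redirect applied. Without a verified password nothing
  // has authenticated this request, so ask for the password instead of
  // creating a session.
  if (!$password_verified) {
    \Drupal::configFactory()
      ->getEditable('miniorange_2fa.settings')
      ->set('mo_auth_2fa_use_pass', TRUE)
      ->save();
    return;
  }

  $user = User::load($user_id);
  user_login_finalize($user);
  $redirect_and_exit($base_url . '/user/login');
}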