
function mo_auth_form_alter_submit in Google Authenticator / 2 Factor Authentication - 2FA 7

1 call to mo_auth_form_alter_submit()
mo_auth_collectattributes in ./mo_auth.module
Makes API call for remember device
3 string references to 'mo_auth_form_alter_submit'
mo_auth_form_alter in ./mo_auth.module
mo_auth_form_user_login_alter in ./mo_auth.module
mo_auth_form_user_login_block_alter in ./mo_auth.module

File

./mo_auth.module, line 437
Module file for miniOrange 2FA Module.

Code

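/**
 * Login submit handler: checks the first factor, then routes into the 2FA flow.
 *
 * Resolves the account by name, optionally verifies the password with
 * user_authenticate(), marks the session as '1ST_FACTOR_AUTHENTICATED' and then
 * either challenges the user, redirects to inline registration, or falls
 * through to user_login_submit().
 *
 * @param array $form
 *   The form structure. Not read by this handler.
 * @param array $form_state
 *   The form state. Reads ['values']['name'] and ['values']['pass']; may set
 *   'redirect' and 'uid' and unset 'storage'.
 * @param string $username
 *   Account name. Only used when $rba_invoke_2fa is true; otherwise it is
 *   replaced by the submitted name.
 * @param bool $rba_invoke_2fa
 *   True when the function is re-entered after the RBA API call. In that case
 *   the password check in this function is skipped.
 */
function mo_auth_form_alter_submit(&$form, &$form_state, $username = '', $rba_invoke_2fa = false) {
  global $base_url;
  $loginSettings = new MoAuthLoginSettings();

  // After the RBA API call the caller supplies $username; otherwise take it
  // from the validated form values, falling back to the raw POST body. A
  // missing POST key becomes '' so the lookup below fails cleanly.
  if ($rba_invoke_2fa != true) {
    if (isset($form_state['values']['name'])) {
      $username = $form_state['values']['name'];
    }
    else {
      $username = isset($_POST['name']) ? $_POST['name'] : '';
    }
  }

  // Both entry paths must stop on an unknown account. Previously the RBA path
  // skipped this check and went on to dereference a non-object and write an
  // empty uid into the session.
  $user = user_load_by_name($username);
  if (!$user) {
    // NOTE(review): this text differs from the 'Invalid username or password.'
    // error used after a failed password check below, so the response may
    // reveal whether an account exists. Consider one shared message.
    drupal_set_message(t('Invalid Credentials.'), 'error');
    return;
  }

  // Strict comparison: role names are strings, no type juggling wanted.
  $isUserAdmin = is_array($user->roles) && (in_array('administrator', $user->roles, TRUE) || in_array('admin', $user->roles, TRUE));

  if ($rba_invoke_2fa != true) {
    $remember_device = variable_get('mo_auth_remember_device', 'Not_Allowed') != 'Not_Allowed';

    // Remember-device enabled, user already enrolled, password login still in
    // use, and the backdoor-URL check passes.
    // NOTE(review): this handler runs before the password is checked further
    // down in this function. Confirm it exposes nothing about the account to
    // a caller who has not authenticated yet.
    if (!empty($user->miniorange_registered_email) && $remember_device && !variable_get('mo_auth_two_factor_instead_password') && moIsBackdoorUrlEnabled($isUserAdmin) === TRUE) {
      MoAuthUtilities::mo2f_collect_device_attributes_handler($username);
    }
  }

  if (moIsBackdoorUrlEnabled($isUserAdmin)) {
    if ($rba_invoke_2fa == false) {
      $val = variable_get('mo_auth_two_factor_instead_password');
      if ($val == '1' && !isset($_POST['pass'])) {
        // "2FA instead of password" mode: no password was submitted and none
        // is verified in this function.
        unset($_GET['destination']);
      }
      else {
        if (isset($form_state['values']['pass'])) {
          $password = $form_state['values']['pass'];
        }
        else {
          $password = isset($_POST['pass']) ? $_POST['pass'] : '';
        }
        $_SESSION['moDestination'] = isset($_GET['destination']) && $_GET['destination'] !== 'node' ? $_GET['destination'] : '';
        unset($_GET['destination']);

        // NOTE(review): user_authenticate() is called directly here. Confirm
        // that Drupal's login flood control has already run for this request
        // (for example through the core login validators), otherwise password
        // guessing against this handler is not rate limited.
        if (!user_authenticate($username, $password)) {
          form_set_error('name', t('Invalid username or password.'));
          return;
        }

        if ($loginSettings->getEnablePasswordChecks()) {
          list($failed, $name, $value) = mo_auth_form_password_validator($user, $password, TRUE);
          if ($failed) {
            watchdog("miniorange_2fa", $value);
            // Encode the name: it is user-supplied text placed in a query
            // string and then in a Location header.
            $passwordResetUrl = $base_url . '/user/password?name=' . rawurlencode($username);
            drupal_set_message('Additional security is required to protect your account. Please click below to email password reset instructions.', 'warning', TRUE);
            header('Location:' . $passwordResetUrl);
            drupal_exit($passwordResetUrl);
          }
        }
      }
    }

    $_SESSION['mo_auth']['status'] = '1ST_FACTOR_AUTHENTICATED';
    $_SESSION['mo_auth']['1ST_FACTOR_AUTHENTICATED_FOR'] = $user->uid;
    $customer = new MiniorangeCustomerProfile();
    $license_type = variable_get('mo_auth_2fa_license_type', 'DEMO');
    $isPaidLicense = $license_type == 'DRUPAL_2FA_PLUGIN' || $license_type == 'PREMIUM';
    $roles = $user->{"roles"};

    // Role rule and domain rule are combined with OR or AND per configuration.
    if (variable_get('mo_2fa_domain_and_role_rule', 'OR') == 'OR') {
      $TFARequired = MoAuthUtilities::check_roles_to_invoke_2fa($roles) || MoAuthUtilities::check_domain_to_invoke_2fa($user->mail);
    }
    else {
      $TFARequired = MoAuthUtilities::check_roles_to_invoke_2fa($roles) && MoAuthUtilities::check_domain_to_invoke_2fa($user->mail);
    }

    if (variable_get('mo_auth_two_factor_instead_password') == true || $TFARequired) {
      if (!empty($user->miniorange_registered_email)) {
        $user_email = $user->miniorange_registered_email[LANGUAGE_NONE][0]['value'];
        if ($isPaidLicense) {
          mo_auth_challenge_user($user, $form_state);
          return;
        }
        elseif ($isUserAdmin && $user_email == $customer->getRegisteredEmail()) {
          // Other licenses: only the admin whose enrolled email matches the
          // registered customer email is challenged.
          mo_auth_challenge_user($user, $form_state);
          return;
        }
      }

      if ($isPaidLicense && $loginSettings->getEnforceInlineRegistration()) {
        if (isset($_POST['pass']) || $rba_invoke_2fa) {
          $form_state['redirect'] = 'login/user/' . $user->uid . '/register';
        }
        else {
          // NOTE(review): this redirect target is assembled from the
          // client-supplied Host header and request URI. Prefer building it
          // from the configured base URL so that a forged Host value cannot
          // steer the redirect to another origin.
          $link = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? "https" : "http") . "://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
          $link = str_replace("/node?destination=node", '', $link);
          $form_state['redirect'] = $link . '/?need_second_factor_pass=1&uid=' . $user->uid . '';
        }
        unset($form_state['storage']);
        drupal_goto($form_state['redirect']);
        return;
      }

      // NOTE(review): reaching this line means no challenge and no
      // registration redirect was issued. If the password step was also
      // skipped above ("2FA instead of password" with no 'pass' posted), no
      // factor has been verified in this function before the login is
      // finalized below. Confirm that combination is unreachable, or fail
      // closed here.
      $form_state['uid'] = $user->uid;
    }
  }

  user_login_submit(array(), $form_state);
  drupal_goto($base_url);
  exit;
}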