decrypt_login(); $password = $credentials[1]; $user = $_SESSION['user2factor']; if (get_preg($user, 'dn')) { $user = extractRDNValue($user); } // get serials try { $service = new TwoFactorProviderService($config); $provider = $service->getProvider(); $serials = $provider->getSerials($user, $password); } catch (\Exception $e) { logNewMessage(LOG_ERR, 'Unable to get 2-factor serials for ' . $user . ' ' . $e->getMessage()); metaRefresh("login.php?2factor=error"); die(); } $twoFactorLabelConfig = $config->getTwoFactorAuthenticationLabel(); $twoFactorLabel = empty($twoFactorLabelConfig) ? _('PIN+Token') : $twoFactorLabelConfig; if (sizeof($serials) == 0) { if ($config->getTwoFactorAuthenticationOptional()) { unset($_SESSION['2factorRequired']); unset($_SESSION['user2factor']); metaRefresh("main.php"); die(); } else { metaRefresh("login.php?2factor=noToken"); die(); } } if (isset($_POST['logout'])) { // destroy session session_destroy(); unset($_SESSION); // redirect to login page metaRefresh("login.php"); exit(); } if (isset($_POST['submit'])) { $twoFactorInput = $_POST['2factor']; $serial = $_POST['serial']; if (empty($twoFactorInput) || !in_array($serial, $serials)) { $errorMessage = _(sprintf('Please enter "%s".', $twoFactorLabel)); } else { $twoFactorValid = false; try { $twoFactorValid = $provider->verify2ndFactor($user, $password, $serial, $twoFactorInput); } catch (\Exception $e) { logNewMessage(LOG_WARNING, '2-factor verification failed: ' . $e->getMessage()); } if ($twoFactorValid) { unset($_SESSION['2factorRequired']); unset($_SESSION['user2factor']); metaRefresh("main.php"); die(); } else { $errorMessage = _(sprintf('Verification failed.', $twoFactorLabel)); } } } echo $_SESSION['header']; printHeaderContents(_("Login"), '..'); ?>


getTwoFactorAuthenticationCaption(); ?>
add(new \htmlStatusMessage('ERROR', $errorMessage), 12); $row->add(new htmlSpacer('1em', '1em'), 12); } // serial $row->add(new htmlOutputText(_('Serial number')), 12, 12, 12, 'text-left'); $serialSelect = new htmlSelect('serial', $serials); $row->add($serialSelect, 12); // token $row->add(new htmlOutputText($twoFactorLabel), 12, 12, 12, 'text-left'); $twoFactorInput = new htmlInputField('2factor', ''); $twoFactorInput->setFieldSize(null); $twoFactorInput->setIsPassword(true); $row->add($twoFactorInput, 12); $row->add(new htmlSpacer('1em', '1em'), 12); $submit = new htmlButton('submit', _("Submit")); $submit->setCSSClasses(array('fullwidth')); $row->add($submit, 12, 12, 12, 'fullwidth'); $row->add(new htmlSpacer('0.5em', '0.5em'), 12); $logout = new htmlButton('logout', _("Cancel")); $logout->setCSSClasses(array('fullwidth')); $row->add($logout, 12); $group->addElement($row); $tabindex = 1; addSecurityTokenToMetaHTML($group); parseHtml(null, $group, array(), false, $tabindex, 'user'); ?>