From 220b1abff6220eefbd83016ddecf94fa3c3253f5 Mon Sep 17 00:00:00 2001
From: Chenx221
Date: Fri, 8 Mar 2024 16:43:22 +0800
Subject: [PATCH] =?UTF-8?q?=E5=AE=9E=E7=8E=B0=E6=81=A2=E5=A4=8D=E4=BB=A3?= =?UTF-8?q?=E7=A0=81=E7=99=BB=E5=BD=95=E8=B4=A6=E6=88=B7=E5=8A=9F=E8=83=BD?= =?UTF-8?q?=20*=E7=9B=AE=E5=89=8D=E7=9A=84=E5=AE=89=E5=85=A8=E7=AD=96?= =?UTF-8?q?=E7=95=A5=E6=98=AF=E4=BD=BF=E7=94=A8=E8=BF=87=E7=9A=84=E6=81=A2?= =?UTF-8?q?=E5=A4=8D=E4=BB=A3=E7=A0=81=E5=B0=86=E4=BC=9A=E5=A4=B1=E6=95=88?= =?UTF-8?q?=20*=E5=85=B6=E5=AE=9E=E6=83=B3=E5=81=9A=E7=9A=84=E6=98=AF?= =?UTF-8?q?=E5=9C=A8=E6=81=A2=E5=A4=8D=E5=90=8E=E8=87=AA=E5=8A=A8=E5=85=B3?= =?UTF-8?q?=E6=8E=89=E4=BA=8C=E6=AD=A5=E9=AA=8C=E8=AF=81:)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 controllers/UserController.php | 44 +++++++++++++++++++++++++---------
 models/User.php | 3 ++-
 views/user/verifyTwoFactor.php | 7 ++++++
 3 files changed, 42 insertions(+), 12 deletions(-)
diff --git a/controllers/UserController.php b/controllers/UserController.php
index 5b59527..6caf0ff 100644
--- a/controllers/UserController.php
+++ b/controllers/UserController.php
@@ -183,18 +183,40 @@ class UserController extends Controller
 if ($model->load(Yii::$app->request->post())) {
 // 验证二步验证代码
- $otp = TOTP::createFromSecret($user->otp_secret);
- if ($otp->verify($model->totp_input)) {
- $user->last_login = date('Y-m-d H:i:s');
- $user->last_login_ip = Yii::$app->request->userIP;
- if (!$user->save(false)) {
- Yii::$app->session->setFlash('error', '登陆成功,但出现了内部错误');
+ if(!is_null($model->totp_input)){
+ $otp = TOTP::createFromSecret($user->otp_secret);
+ if ($otp->verify($model->totp_input)) {
+ $user->last_login = date('Y-m-d H:i:s');
+ $user->last_login_ip = Yii::$app->request->userIP;
+ if (!$user->save(false)) {
+ Yii::$app->session->setFlash('error', '登陆成功,但出现了内部错误');
+ }
+ Yii::$app->user->login($user, $model->rememberMe ? 3600 * 24 * 30 : 0);
+ Yii::$app->session->remove('login_verification');
+ return $this->goHome();
+ } else {
+ Yii::$app->session->setFlash('error', '二步验证代码错误');
 }
- Yii::$app->user->login($user, $model->rememberMe ? 3600 * 24 * 30 : 0);
- Yii::$app->session->remove('login_verification');
- return $this->goHome();
- } else {
- Yii::$app->session->setFlash('error', '二步验证代码错误');
+ }elseif (!is_null($model->recoveryCode_input)) {
+ $recoveryCodes = explode(',', $user->recovery_codes);
+ if (in_array($model->recoveryCode_input, $recoveryCodes)) {
+ //remove the used recovery code
+ $recoveryCodes = array_diff($recoveryCodes, [$model->recoveryCode_input]);
+ $user->recovery_codes = implode(',', $recoveryCodes);
+ $user->last_login = date('Y-m-d H:i:s');
+ $user->last_login_ip = Yii::$app->request->userIP;
+ if (!$user->save(false)) {
+ Yii::$app->session->setFlash('error', '登陆成功,但出现了内部错误');
+ }
+ Yii::$app->session->setFlash('success', '登陆成功,但请注意已经使用的恢复代码已失效');
+ Yii::$app->user->login($user, $model->rememberMe ? 
3600 * 24 * 30 : 0);
+ Yii::$app->session->remove('login_verification');
+ return $this->goHome();
+ } else {
+ Yii::$app->session->setFlash('error', '恢复代码错误');
+ }else{
+ Yii::$app->session->setFlash('error', '请输入二步验证代码或恢复代码');
 }
 }
diff --git a/models/User.php b/models/User.php
index 0918f5a..54ad145 100644
--- a/models/User.php
+++ b/models/User.php
@@ -42,6 +42,7 @@ class User extends ActiveRecord implements IdentityInterface
 public $newPassword; // 新密码 修改密码用
 public $newPasswordRepeat; // 重复新密码 修改密码用
 public $totp_input; // otp用户输入值
+ public $recoveryCode_input; // 恢复代码用户输入
 /**
 * {@inheritdoc}
@@ -59,7 +60,7 @@ class User extends ActiveRecord implements IdentityInterface
 return [
 [['status', 'is_encryption_enabled', 'is_otp_enabled','dark_mode'], 'integer'],
 [['created_at', 'last_login'], 'safe'],
- [['bio', 'totp_input'], 'string'],
+ [['bio', 'totp_input','recoveryCode_input'], 'string'],
 [['encryption_key', 'otp_secret', 'recovery_codes'], 'string', 'max' => 255],
 [['last_login_ip'], 'string', 'max' => 45],
 [['username', 'password'], 'required', 'on' => 'login'],
diff --git a/views/user/verifyTwoFactor.php b/views/user/verifyTwoFactor.php
index 005fc8f..6e9337c 100644
--- a/views/user/verifyTwoFactor.php
+++ b/views/user/verifyTwoFactor.php
@@ -23,6 +23,13 @@ $this->params['breadcrumbs'][] = $this->title;
 'btn btn-primary']) ?> +
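Review bot: The recovery-code branch accepts an empty code against an empty list: once every code has been consumed the branch itself stores `implode(',', [])`, i.e. an empty `recovery_codes`, and `explode(',', '')` yields `['']`, so a posted `recoveryCode_input` of `''` (not null, hence past the `is_null` guard) satisfies `in_array` and completes the login without a second factor; stray empty entries around commas behave the same way. The `in_array` call is also non-strict, so numeric-looking codes are compared as numbers (`'0100'` would match `'100'`). I would replace the explode/in_array pair with `$code = trim((string) $model->recoveryCode_input);`, `$recoveryCodes = array_values(array_filter(array_map('trim', explode(',', (string) $user->recovery_codes)), 'strlen'));` and `if ($code !== '' && in_array($code, $recoveryCodes, true)) {`, and pass `$code` to the `array_diff` call below it; the `is_null($model->totp_input)` guard above should likewise treat `''` as absent, otherwise a blank TOTP field submitted from the same form shadows the recovery branch entirely. The enclosing action starts and ends outside the hunk.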
+ + field($model, 'recoveryCode_input')->textInput()->label('丢失所有验证设备? 使用恢复代码') ?> +
+ 'btn btn-primary']) ?> +
+