탐색 도움말
로그인
fusionpbx
/
fusionpbx-framework
의 미러 https://github.com/fusionpbx/fusionpbx-framework.git
2
0
포크 0
파일 이슈 0 위키
트리: 9cf350f333
브랜치 태그
fusionpbx-frame...
/
core
/
authentication
/
resources
/
classes
/
plugins
/
totp.php

totp.php 16 KB
히스토리 Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443 
  1. <?php
    2. 

  2. /*
    3. 

  3. 	FusionPBX
    4. 

  4. 	Version: MPL 1.1
    5. 

  5. 

  6. 	The contents of this file are subject to the Mozilla Public License Version
    7. 

  7. 	1.1 (the "License"); you may not use this file except in compliance with
    8. 

  8. 	the License. You may obtain a copy of the License at
    9. 

  9. 	http://www.mozilla.org/MPL/
    10. 

  10. 

  11. 	Software distributed under the License is distributed on an "AS IS" basis,
    12. 

  12. 	WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
    13. 

  13. 	for the specific language governing rights and limitations under the
    14. 

  14. 	License.
    15. 

  15. 

  16. 	The Original Code is FusionPBX
    17. 

  17. 

  18. 	The Initial Developer of the Original Code is
    19. 

  19. 	Mark J Crane <[email protected]>
    20. 

  20. 	Portions created by the Initial Developer are Copyright (C) 2008-2024
    21. 

  21. 	the Initial Developer. All Rights Reserved.
    22. 

  22. 

  23. 	Contributor(s):
    24. 

  24. 	Mark J Crane <[email protected]>
    25. 

  25. */
    26. 

  26. 

  27. /**
    28. 

  28.  * plugin_totp
    29. 

  29.  *
    30. 

  30.  * @method totp time based one time password authenticate the user
    31. 

  31.  */
    32. 

  32. class plugin_totp {
    33. 

  33. 

  34. 	/**
    35. 

  35. 	 * Define variables and their scope
    36. 

  36. 	 */
    37. 

  37. 	public $debug;
    38. 

  38. 	public $domain_name;
    39. 

  39. 	public $username;
    40. 

  40. 	public $password;
    41. 

  41. 	public $user_uuid;
    42. 

  42. 	public $user_email;
    43. 

  43. 	public $contact_uuid;
    44. 

  44. 	private $user_totp_secret;
    45. 

  45. 

  46. 	/**
    47. 

  47. 	 * time based one time password aka totp
    48. 

  48. 	 * @return array [authorized] => true or false
    49. 

  49. 	 */
    50. 

  50. 	function totp() {
    51. 

  51. 

  52. 		//pre-process some settings
    53. 

  53. 			$settings['theme']['favicon'] = !empty($_SESSION['theme']['favicon']['text']) ? $_SESSION['theme']['favicon']['text'] : PROJECT_PATH.'/themes/default/favicon.ico';
    54. 

  54. 			$settings['login']['destination'] = !empty($_SESSION['login']['destination']['text']) ? $_SESSION['login']['destination']['text'] : '';
    55. 

  55. 			$settings['users']['unique'] = !empty($_SESSION['users']['unique']['text']) ? $_SESSION['users']['unique']['text'] : '';
    56. 

  56. 			$settings['theme']['logo'] = !empty($_SESSION['theme']['logo']['text']) ? $_SESSION['theme']['logo']['text'] : PROJECT_PATH.'/themes/default/images/logo_login.png';
    57. 

  57. 			$settings['theme']['login_logo_width'] = !empty($_SESSION['theme']['login_logo_width']['text']) ? $_SESSION['theme']['login_logo_width']['text'] : 'auto; max-width: 300px';
    58. 

  58. 			$settings['theme']['login_logo_height'] = !empty($_SESSION['theme']['login_logo_height']['text']) ? $_SESSION['theme']['login_logo_height']['text'] : 'auto; max-height: 300px';
    59. 

  59. 			$settings['theme']['message_delay'] = isset($_SESSION['theme']['message_delay']) ? 1000 * (float) $_SESSION['theme']['message_delay'] : 3000;
    60. 

  60. 			$settings['theme']['background_video'] = isset($_SESSION['theme']['background_video'][0]) ? $_SESSION['theme']['background_video'][0] : null;
    61. 

  61. 

  62. 		//get the username
    63. 

  63. 			if (isset($_SESSION["username"])) {
    64. 

  64. 				$this->username = $_SESSION["username"];
    65. 

  65. 			}
    66. 

  66. 			if (isset($_POST['username'])) {
    67. 

  67. 				$this->username = $_POST['username'];
    68. 

  68. 				$_SESSION["username"] = $this->username;
    69. 

  69. 			}
    70. 

  70. 

  71. 		//request the username
    72. 

  72. 			if (!$this->username && !isset($_POST['authentication_code'])) {
    73. 

  73. 

  74. 				//get the domain
    75. 

  75. 				$domain_array = explode(":", $_SERVER["HTTP_HOST"]);
    76. 

  76. 				$domain_name = $domain_array[0];
    77. 

  77. 

  78. 				//create token
    79. 

  79. 				//$object = new token;
    80. 

  80. 				//$token = $object->create('login');
    81. 

  81. 

  82. 				//add multi-lingual support
    83. 

  83. 				$language = new text;
    84. 

  84. 				$text = $language->get(null, '/core/authentication');
    85. 

  85. 

  86. 				//initialize a template object
    87. 

  87. 				$view = new template();
    88. 

  88. 				$view->engine = 'smarty';
    89. 

  89. 				$view->template_dir = $_SERVER["DOCUMENT_ROOT"].PROJECT_PATH.'/core/authentication/resources/views/';
    90. 

  90. 				$view->cache_dir = sys_get_temp_dir();
    91. 

  91. 				$view->init();
    92. 

  92. 

  93. 				//assign default values to the template
    94. 

  94. 				$view->assign("project_path", PROJECT_PATH);
    95. 

  95. 				$view->assign("login_destination_url", $settings['login']['destination']);
    96. 

  96. 				$view->assign("favicon", $settings['theme']['favicon']);
    97. 

  97. 				$view->assign("login_title", $text['label-username']);
    98. 

  98. 				$view->assign("login_username", $text['label-username']);
    99. 

  99. 				$view->assign("login_logo_width", $settings['theme']['login_logo_width']);
    100. 

  100. 				$view->assign("login_logo_height", $settings['theme']['login_logo_height']);
    101. 

  101. 				$view->assign("login_logo_source", $settings['theme']['logo']);
    102. 

  102. 				$view->assign("button_login", $text['button-login']);
    103. 

  103. 				$view->assign("favicon", $settings['theme']['favicon']);
    104. 

  104. 				$view->assign("message_delay", $settings['theme']['message_delay']);
    105. 

  105. 

  106. 				//messages
    107. 

  107. 				$view->assign('messages', message::html(true, '		'));
    108. 

  108. 

  109. 				//show the views
    110. 

  110. 				$content = $view->render('username.htm');
    111. 

  111. 				echo $content;
    112. 

  112. 				exit;
    113. 

  113. 			}
    114. 

  114. 

  115. 		//show the authentication code view
    116. 

  116. 			if (!isset($_POST['authentication_code'])) {
    117. 

  117. 

  118. 				//get the username
    119. 

  119. 				if (!isset($this->username) && isset($_REQUEST['username'])) {
    120. 

  120. 					$this->username = $_REQUEST['username'];
    121. 

  121. 					$_SESSION['username'] = $this->username;
    122. 

  122. 				}
    123. 

  123. 

  124. 				//get the domain name
    125. 

  125. 				if (!empty($_SESSION['username'])) {
    126. 

  126. 					$auth = new authentication;
    127. 

  127. 					$auth->get_domain();
    128. 

  128. 					$this->domain_uuid = $_SESSION['domain_uuid'];
    129. 

  129. 					$this->domain_name = $_SESSION['domain_name'];
    130. 

  130. 					$this->username = $_SESSION['username'];
    131. 

  131. 				}
    132. 

  132. 

  133. 				//get the user details
    134. 

  134. 				$sql = "select user_uuid, username, user_email, contact_uuid, user_totp_secret\n";
    135. 

  135. 				$sql .= "from v_users\n";
    136. 

  136. 				$sql .= "where (\n";
    137. 

  137. 				$sql .= "	username = :username\n";
    138. 

  138. 				$sql .= "	or user_email = :username\n";
    139. 

  139. 				$sql .= ")\n";
    140. 

  140. 				if (empty($_SESSION["users"]["unique"]["text"]) || $_SESSION["users"]["unique"]["text"] != "global") {
    141. 

  141. 					//unique username per domain (not globally unique across system - example: email address)
    142. 

  142. 					$sql .= "and domain_uuid = :domain_uuid ";
    143. 

  143. 					$parameters['domain_uuid'] = $this->domain_uuid;
    144. 

  144. 				}
    145. 

  145. 				$sql .= "and (user_type = 'default' or user_type is null) ";
    146. 

  146. 				$parameters['username'] = $this->username;
    147. 

  147. 				$database = new database;
    148. 

  148. 				$row = $database->select($sql, $parameters, 'row');
    149. 

  149. 				if (empty($row) || !is_array($row) || @sizeof($row) == 0) {
    150. 

  150. 					//clear submitted usernames
    151. 

  151. 					unset($this->username, $_SESSION['username'], $_REQUEST['username'], $_POST['username']);
    152. 

  152. 

  153. 					//build the result array
    154. 

  154. 					$result["plugin"] = "totp";
    155. 

  155. 					$result["domain_uuid"] = $_SESSION["domain_uuid"];
    156. 

  156. 					$result["domain_name"] = $_SESSION["domain_name"];
    157. 

  157. 					$result["authorized"] = false;
    158. 

  158. 

  159. 					//retun the array
    160. 

  160. 					return $result;
    161. 

  161. 				}
    162. 

  162. 				unset($parameters);
    163. 

  163. 

  164. 				//set class variables
    165. 

  165. 				$this->user_uuid = $row['user_uuid'];
    166. 

  166. 				$this->user_email = $row['user_email'];
    167. 

  167. 				$this->contact_uuid = $row['contact_uuid'];
    168. 

  168. 				$this->user_totp_secret = $row['user_totp_secret'];
    169. 

  169. 

  170. 				//set a few session variables
    171. 

  171. 				$_SESSION["user_uuid"] = $row['user_uuid'];
    172. 

  172. 				$_SESSION["username"] = $row['username'];
    173. 

  173. 				$_SESSION["user_email"] = $row['user_email'];
    174. 

  174. 				$_SESSION["contact_uuid"] = $row["contact_uuid"];
    175. 

  175. 

  176. 				//get the domain
    177. 

  177. 				$domain_array = explode(":", $_SERVER["HTTP_HOST"]);
    178. 

  178. 				$domain_name = $domain_array[0];
    179. 

  179. 

  180. 				//create token
    181. 

  181. 				//$object = new token;
    182. 

  182. 				//$token = $object->create('login');
    183. 

  183. 

  184. 				//add multi-lingual support
    185. 

  185. 				$language = new text;
    186. 

  186. 				$text = $language->get(null, '/core/authentication');
    187. 

  187. 

  188. 				//initialize a template object
    189. 

  189. 				$view = new template();
    190. 

  190. 				$view->engine = 'smarty';
    191. 

  191. 				$view->template_dir = $_SERVER["DOCUMENT_ROOT"].PROJECT_PATH.'/core/authentication/resources/views/';
    192. 

  192. 				$view->cache_dir = sys_get_temp_dir();
    193. 

  193. 				$view->init();
    194. 

  194. 

  195. 				//assign values to the template
    196. 

  196. 				$view->assign("project_path", PROJECT_PATH);
    197. 

  197. 				$view->assign("login_destination_url", $settings['login']['destination']);
    198. 

  198. 				$view->assign("favicon", $settings['theme']['favicon']);
    199. 

  199. 				$view->assign("login_title", $text['label-verify']);
    200. 

  200. 				$view->assign("login_totp_description", $text['label-totp_description']);
    201. 

  201. 				$view->assign("login_authentication_code", $text['label-authentication_code']);
    202. 

  202. 				$view->assign("login_logo_width", $settings['theme']['login_logo_width']);
    203. 

  203. 				$view->assign("login_logo_height", $settings['theme']['login_logo_height']);
    204. 

  204. 				$view->assign("login_logo_source", $settings['theme']['logo']);
    205. 

  205. 				$view->assign("favicon", $settings['theme']['favicon']);
    206. 

  206. 				$view->assign("background_video", $settings['theme']['background_video']);
    207. 

  207. 				if (!empty($_SESSION['username'])) {
    208. 

  208. 					$view->assign("username", $_SESSION['username']);
    209. 

  209. 					$view->assign("button_cancel", $text['button-cancel']);
    210. 

  210. 				}
    211. 

  211. 

  212. 				//show the views
    213. 

  213. 				if (!empty($_SESSION['authentication']['plugin']['database']['authorized']) && empty($this->user_totp_secret)) {
    214. 

  214. 

  215. 					//create the totp secret
    216. 

  216. 					$base32 = new base2n(5, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567', FALSE, TRUE, TRUE);
    217. 

  217. 					$user_totp_secret = $base32->encode(generate_password(20,3));
    218. 

  218. 					$this->user_totp_secret = $user_totp_secret;
    219. 

  219. 

  220. 					//add user setting to array for update
    221. 

  221. 					$x = 0;
    222. 

  222. 					$array['users'][$x]['user_uuid'] = $this->user_uuid;
    223. 

  223. 					$array['users'][$x]['domain_uuid'] = $this->domain_uuid;
    224. 

  224. 					$array['users'][$x]['user_totp_secret'] = $this->user_totp_secret;
    225. 

  225. 

  226. 					//add the user_edit permission
    227. 

  227. 					$p = permissions::new();
    228. 

  228. 					$p->add("user_edit", "temp");
    229. 

  229. 

  230. 					//save the data
    231. 

  231. 					$database = new database;
    232. 

  232. 					$database->app_name = 'users';
    233. 

  233. 					$database->app_uuid = '112124b3-95c2-5352-7e9d-d14c0b88f207';
    234. 

  234. 					$database->save($array);
    235. 

  235. 

  236. 					//remove the temporary permission
    237. 

  237. 					$p->delete("user_edit", "temp");
    238. 

  238. 

  239. 					//qr code includes
    240. 

  240. 					require_once 'resources/qr_code/QRErrorCorrectLevel.php';
    241. 

  241. 					require_once 'resources/qr_code/QRCode.php';
    242. 

  242. 					require_once 'resources/qr_code/QRCodeImage.php';
    243. 

  243. 

  244. 					//build the otp authentication url
    245. 

  245. 					$otpauth = "otpauth://totp/".$this->username;
    246. 

  246. 					$otpauth .= "?secret=".$this->user_totp_secret;
    247. 

  247. 					$otpauth .= "&issuer=".$_SESSION['domain_name'];
    248. 

  248. 

  249. 					//build the qr code image
    250. 

  250. 					try {
    251. 

  251. 						$code = new QRCode (- 1, QRErrorCorrectLevel::H);
    252. 

  252. 						$code->addData($otpauth);
    253. 

  253. 						$code->make();
    254. 

  254. 						$img = new QRCodeImage ($code, $width=210, $height=210, $quality=50);
    255. 

  255. 						$img->draw();
    256. 

  256. 						$image = $img->getImage();
    257. 

  257. 						$img->finish();
    258. 

  258. 					}
    259. 

  259. 					catch (Exception $error) {
    260. 

  260. 						echo $error;
    261. 

  261. 					}
    262. 

  262. 

  263. 					//assign values to the template
    264. 

  264. 					$view->assign("totp_secret", $this->user_totp_secret);
    265. 

  265. 					$view->assign("totp_image", base64_encode($image));
    266. 

  266. 					$view->assign("totp_description", $text['description-totp']);
    267. 

  267. 					$view->assign("button_next", $text['button-next']);
    268. 

  268. 					$view->assign("favicon", $settings['theme']['favicon']);
    269. 

  269. 					$view->assign("message_delay", $settings['theme']['message_delay']);
    270. 

  270. 

  271. 					//messages
    272. 

  272. 					$view->assign('messages', message::html(true, '		'));
    273. 

  273. 

  274. 					//render the template
    275. 

  275. 					$content = $view->render('totp_secret.htm');
    276. 

  276. 				}
    277. 

  277. 				else {
    278. 

  278. 					//assign values to the template
    279. 

  279. 					$view->assign("button_verify", $text['label-verify']);
    280. 

  280. 					$view->assign("message_delay", $settings['theme']['message_delay']);
    281. 

  281. 

  282. 					//messages
    283. 

  283. 					$view->assign('messages', message::html(true, '		'));
    284. 

  284. 

  285. 					//render the template
    286. 

  286. 					$content = $view->render('totp.htm');
    287. 

  287. 				}
    288. 

  288. 				echo $content;
    289. 

  289. 				exit;
    290. 

  290. 			}
    291. 

  291. 

  292. 		//if authorized then verify
    293. 

  293. 			if (isset($_POST['authentication_code'])) {
    294. 

  294. 

  295. 				//get the user details
    296. 

  296. 				$sql = "select user_uuid, user_email, contact_uuid, user_totp_secret\n";
    297. 

  297. 				$sql .= "from v_users\n";
    298. 

  298. 				$sql .= "where (\n";
    299. 

  299. 				$sql .= "	username = :username\n";
    300. 

  300. 				$sql .= "	or user_email = :username\n";
    301. 

  301. 				$sql .= ")\n";
    302. 

  302. 				if ($settings['users']['unique'] != "global") {
    303. 

  303. 					//unique username per domain (not globally unique across system - example: email address)
    304. 

  304. 					$sql .= "and domain_uuid = :domain_uuid ";
    305. 

  305. 					$parameters['domain_uuid'] = $_SESSION["domain_uuid"];
    306. 

  306. 				}
    307. 

  307. 				$parameters['username'] = $_SESSION["username"];
    308. 

  308. 				$database = new database;
    309. 

  309. 				$row = $database->select($sql, $parameters, 'row');
    310. 

  310. 				$this->user_uuid = $row['user_uuid'];
    311. 

  311. 				$this->user_email = $row['user_email'];
    312. 

  312. 				$this->contact_uuid = $row['contact_uuid'];
    313. 

  313. 				$this->user_totp_secret = $row['user_totp_secret'];
    314. 

  314. 				unset($parameters);
    315. 

  315. 

  316. 				//create the authenticator object
    317. 

  317. 				$totp = new google_authenticator;
    318. 

  318. 

  319. 				//validate the code
    320. 

  320. 				if ($totp->checkCode($this->user_totp_secret, $_POST['authentication_code'])) {
    321. 

  321. 					$auth_valid = true;
    322. 

  322. 				}
    323. 

  323. 				else {
    324. 

  324. 					$auth_valid = false;
    325. 

  325. 				}
    326. 

  326. 

  327. 				//clear posted authentication code
    328. 

  328. 				unset($_POST['authentication_code']);
    329. 

  329. 

  330. 				//check if contacts app exists
    331. 

  331. 				$contacts_exists = file_exists($_SERVER["DOCUMENT_ROOT"].PROJECT_PATH.'/app/contacts/') ? true : false;
    332. 

  332. 

  333. 				//get the user details
    334. 

  334. 				if ($auth_valid) {
    335. 

  335. 					//get user data from the database
    336. 

  336. 					$sql = "select ";
    337. 

  337. 					$sql .= "	u.user_uuid, ";
    338. 

  338. 					$sql .= "	u.username, ";
    339. 

  339. 					$sql .= "	u.user_email, ";
    340. 

  340. 					$sql .= "	u.contact_uuid ";
    341. 

  341. 					if ($contacts_exists) {
    342. 

  342. 						$sql .= ",";
    343. 

  343. 						$sql .= "c.contact_organization, ";
    344. 

  344. 						$sql .= "c.contact_name_given, ";
    345. 

  345. 						$sql .= "c.contact_name_family, ";
    346. 

  346. 						$sql .= "a.contact_attachment_uuid ";
    347. 

  347. 					}
    348. 

  348. 					$sql .= "from ";
    349. 

  349. 					$sql .= "	v_users as u ";
    350. 

  350. 					if ($contacts_exists) {
    351. 

  351. 						$sql .= "left join v_contacts as c on u.contact_uuid = c.contact_uuid and u.contact_uuid is not null ";
    352. 

  352. 						$sql .= "left join v_contact_attachments as a on u.contact_uuid = a.contact_uuid and u.contact_uuid is not null and a.attachment_primary = 1 and a.attachment_filename is not null and a.attachment_content is not null ";
    353. 

  353. 					}
    354. 

  354. 					$sql .= "where ";
    355. 

  355. 					$sql .= "	u.user_uuid = :user_uuid ";
    356. 

  356. 					if ($settings['users']['unique'] != "global") {
    357. 

  357. 						//unique username per domain (not globally unique across system - example: email address)
    358. 

  358. 						$sql .= "and u.domain_uuid = :domain_uuid ";
    359. 

  359. 						$parameters['domain_uuid'] = $_SESSION["domain_uuid"];
    360. 

  360. 					}
    361. 

  361. 					$parameters['user_uuid'] = $_SESSION["user_uuid"];
    362. 

  362. 					$database = new database;
    363. 

  363. 					$row = $database->select($sql, $parameters, 'row');
    364. 

  364. 					unset($parameters);
    365. 

  365. 				}
    366. 

  366. 				else {
    367. 

  367. // 					//destroy session
    368. 

  368. // 					session_unset();
    369. 

  369. // 					session_destroy();
    370. 

  370. //
    371. 

  371. // 					//send http 403
    372. 

  372. // 					header('HTTP/1.0 403 Forbidden', true, 403);
    373. 

  373. //
    374. 

  374. // 					//redirect to the root of the website
    375. 

  375. // 					header("Location: ".PROJECT_PATH."/");
    376. 

  376. //
    377. 

  377. // 					//exit the code
    378. 

  378. // 					exit();
    379. 

  379. 

  380. 					//clear authentication session
    381. 

  381. 					unset($_SESSION['authentication']);
    382. 

  382. 

  383. 					// clear username
    384. 

  384. 					unset($_SESSION["username"]);
    385. 

  385. 				}
    386. 

  386. 

  387. 				/*
    388. 

  388. 				//check if user successfully logged in during the interval
    389. 

  389. 					//$sql = "select user_log_uuid, timestamp, user_name, user_agent, remote_address ";
    390. 

  390. 					$sql = "select count(*) as count ";
    391. 

  391. 					$sql .= "from v_user_logs ";
    392. 

  392. 					$sql .= "where domain_uuid = :domain_uuid ";
    393. 

  393. 					$sql .= "and user_uuid = :user_uuid ";
    394. 

  394. 					$sql .= "and user_agent = :user_agent ";
    395. 

  395. 					$sql .= "and type = 'login' ";
    396. 

  396. 					$sql .= "and result = 'success' ";
    397. 

  397. 					$sql .= "and floor(extract(epoch from now()) - extract(epoch from timestamp)) > 3 ";
    398. 

  398. 					$sql .= "and floor(extract(epoch from now()) - extract(epoch from timestamp)) < 300 ";
    399. 

  399. 					$parameters['domain_uuid'] = $this->domain_uuid;
    400. 

  400. 					$parameters['user_uuid'] = $this->user_uuid;
    401. 

  401. 					$parameters['user_agent'] = $_SERVER['HTTP_USER_AGENT'];
    402. 

  402. 					$database = new database;
    403. 

  403. 					$user_log_count = $database->select($sql, $parameters, 'all');
    404. 

  404. 					//view_array($user_log_count);
    405. 

  405. 					unset($sql, $parameters);
    406. 

  406. 				*/
    407. 

  407. 

  408. 				//build the result array
    409. 

  409. 				$result["plugin"] = "totp";
    410. 

  410. 				$result["domain_name"] = $_SESSION["domain_name"];
    411. 

  411. 				$result["username"] = $_SESSION["username"] ?? null;
    412. 

  412. 				$result["user_uuid"] = $_SESSION["user_uuid"];
    413. 

  413. 				$result["domain_uuid"] = $_SESSION["domain_uuid"];
    414. 

  414. 				$result["contact_uuid"] = $_SESSION["contact_uuid"];
    415. 

  415. 				if ($contacts_exists) {
    416. 

  416. 					$result["contact_organization"] = $row["contact_organization"];
    417. 

  417. 					$result["contact_name_given"] = $row["contact_name_given"];
    418. 

  418. 					$result["contact_name_family"] = $row["contact_name_family"];
    419. 

  419. 					$result["contact_image"] = $row["contact_attachment_uuid"];
    420. 

  420. 				}
    421. 

  421. 				$result["authorized"] = $auth_valid ? true : false;
    422. 

  422. 

  423. 				//add the failed login to user logs
    424. 

  424. 				if (!$auth_valid) {
    425. 

  425. 					user_logs::add($result);
    426. 

  426. 				}
    427. 

  427. 

  428. 				//retun the array
    429. 

  429. 				return $result;
    430. 

  430. 

  431. 				//$_SESSION['authentication']['plugin']['totp']['plugin'] = "totp";
    432. 

  432. 				//$_SESSION['authentication']['plugin']['totp']['domain_name'] = $_SESSION["domain_name"];
    433. 

  433. 				//$_SESSION['authentication']['plugin']['totp']['username'] = $row['username'];
    434. 

  434. 				//$_SESSION['authentication']['plugin']['totp']['user_uuid'] = $_SESSION["user_uuid"];
    435. 

  435. 				//$_SESSION['authentication']['plugin']['totp']['contact_uuid'] = $_SESSION["contact_uuid"];
    436. 

  436. 				//$_SESSION['authentication']['plugin']['totp']['domain_uuid'] =  $_SESSION["domain_uuid"];
    437. 

  437. 				//$_SESSION['authentication']['plugin']['totp']['authorized'] = $auth_valid ? true : false;
    438. 

  438. 			}
    439. 

  439. 

  440. 	}
    441. 

  441. }
    442. 

  442. 

  443. ?>
    444.