Added two factor auth verification

bajb · bajb · commit ac8f07605910 · 2015-10-20T16:53:51.000+01:00
diff --git a/format/login.json b/format/login.json
@@ -5,6 +5,7 @@
   "displayName": "John Smith",
   "userType": 1,
   "token": "0037SCRgGuX0D5CLlAIk5fwg7raV3xF3Sw97sYLr",
+  "sessionId": 123,
   "refresh": "0XWV6Xdw4EdNAgwZ8srJuLo7lo7Lz4l5qhsM1r7P",
   "expiry": "1444897254",
   "authIp": "127.0.0.1",
diff --git a/format/twofactor.json b/format/twofactor.json
@@ -0,0 +1,4 @@
+{
+  "token": "2FaverificationToken",
+  "verify": "md5: userFid + secret + token + sessionId"
+}
diff --git a/src/AbstractCookieReader.php b/src/AbstractCookieReader.php
@@ -0,0 +1,46 @@
+<?php
+namespace Fortifi\Login;
+
+abstract class AbstractCookieReader
+{
+  protected $_cookie;
+
+  /**
+   * @return string
+   *
+   * @throws \Exception
+   */
+  public static function cookieName()
+  {
+    throw new \Exception("Cookie name must be used");
+  }
+
+  public function __construct($cookie = null)
+  {
+    if(!empty($cookie))
+    {
+      $this->_cookie = json_decode(base64_decode(rawurldecode($cookie)));
+    }
+  }
+
+  public static function fromGlobals()
+  {
+    $cookie = null;
+    if(isset($_COOKIE[static::cookieName()]))
+    {
+      $cookie = $_COOKIE[static::cookieName()];
+    }
+    return new static($cookie);
+  }
+
+  protected function _property($property, $default = null)
+  {
+    return isset($this->_cookie[$property]) ?
+      $this->_cookie[$property] : $default;
+  }
+
+  public function isPresent()
+  {
+    return $this->_cookie !== null && array_key_exists('token', $this->_cookie);
+  }
+}
diff --git a/src/LoginCookie.php b/src/LoginCookie.php
@@ -1,39 +1,14 @@
 <?php
 namespace Fortifi\Login;
 
-class LoginCookie
+class LoginCookie extends AbstractCookieReader
 {
-  const COOKIE_NAME = 'FRTLGN';
-
-  protected $_cookie;
-
-  public function __construct($cookie = null)
-  {
-    if(!empty($cookie))
-    {
-      $this->_cookie = json_decode(base64_decode(rawurldecode($cookie)));
-    }
-  }
-
-  public static function fromGlobals()
-  {
-    $cookie = null;
-    if(isset($_COOKIE[static::COOKIE_NAME]))
-    {
-      $cookie = $_COOKIE[static::COOKIE_NAME];
-    }
-    return new static($cookie);
-  }
-
-  public function isPresent()
+  /**
+   * @return string
+   */
+  public static function cookieName()
   {
-    return $this->_cookie !== null && array_key_exists('token', $this->_cookie);
-  }
-
-  protected function _property($property, $default = null)
-  {
-    return isset($this->_cookie[$property]) ?
-      $this->_cookie[$property] : $default;
+    return 'FRTLGN';
   }
 
   public function getCustomerFid($default = null)
@@ -81,6 +56,11 @@ public function isExpired()
     return $this->getTokenExpiry() < time();
   }
 
+  public function getSessionId()
+  {
+    return $this->_property('sessionId');
+  }
+
   public function getAuthedIp()
   {
     return $this->_property('authIp');
diff --git a/src/TwoFactorCookie.php b/src/TwoFactorCookie.php
@@ -0,0 +1,29 @@
+<?php
+namespace Fortifi\Login;
+
+class TwoFactorCookie extends AbstractCookieReader
+{
+  /**
+   * @return string
+   */
+  public static function cookieName()
+  {
+    return 'FRT2FA';
+  }
+
+  public function get2FaToken()
+  {
+    return $this->_property('token');
+  }
+
+  public function verifyCookie($secret, LoginCookie $login)
+  {
+    $check = md5(
+      $login->getUserFid() .
+      $secret .
+      $this->_property('token') .
+      $login->getSessionId()
+    );
+    return $check === $this->_property('verify');
+  }
+}

-Original file line number
+Diff line change
@@ @@ -0,0 +1,4 @@ @@
 +{
 +  "token": "2FaverificationToken",
 +  "verify": "md5: userFid + secret + token + sessionId"
 +}