From 7636cfc8376a8856259beca9a176d20846c27a85 Mon Sep 17 00:00:00 2001 From: asierraserna Date: Sun, 3 Oct 2021 16:22:16 +0200 Subject: [PATCH 1/2] Update login.php Added support of two-factor authentication by adding the secret key to pass it to $authenticate->authenticate. It works! :smirk: --- code/site/libraries/authentication/login.php | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/code/site/libraries/authentication/login.php b/code/site/libraries/authentication/login.php index e1bfe98..8d6a0b4 100755 --- a/code/site/libraries/authentication/login.php +++ b/code/site/libraries/authentication/login.php @@ -34,6 +34,7 @@ public function authenticate() $username = $app->input->post->get('username', '', 'STRING'); $password = $app->input->post->get('password', '', 'STRING'); + $secret = $app->input->post->get('secretkey', '', 'STRING'); $userId = $this->loadUserByCredentials($username, $password); @@ -41,6 +42,7 @@ public function authenticate() $uri = JFactory::getURI(); $uri->delVar('username'); $uri->delVar('password'); + $uri->delVar('secretkey'); if ($userId === false) { @@ -57,18 +59,27 @@ public function authenticate() * * @param STRING $user user * @param STRING $pass pass + * @param STRING $secret secretkey * * @return int * * @since 1.6 */ - public function loadUserByCredentials($user, $pass) + public function loadUserByCredentials($user, $pass, $secret = NULL) { jimport('joomla.user.authentication'); $authenticate = JAuthentication::getInstance(); - $response = $authenticate->authenticate(array('username' => $user, 'password' => $pass), $options = array()); + // $response = $authenticate->authenticate(array('username' => $user, 'password' => $pass), $options = array()); + // adding support for two factor authentication + + if ($secret == NULL){ + $response = $authenticate->authenticate(array('username' => $user, 'password' => $pass), $options = array()); + } + else{ + $response = $authenticate->authenticate(array('username' => $user, 'password' => $pass, 'secretkey' => $secret), $options = array()); + } if ($response->status === JAuthentication::STATUS_SUCCESS) { From 8399ab60a14eee07eea2b75c919ffc678f939120 Mon Sep 17 00:00:00 2001 From: asierraserna Date: Sun, 19 Dec 2021 19:16:51 +0100 Subject: [PATCH 2/2] Update login.php refactoring. The if $secret was not really needed --- code/site/libraries/authentication/login.php | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/code/site/libraries/authentication/login.php b/code/site/libraries/authentication/login.php index 8d6a0b4..3274545 100755 --- a/code/site/libraries/authentication/login.php +++ b/code/site/libraries/authentication/login.php @@ -73,13 +73,8 @@ public function loadUserByCredentials($user, $pass, $secret = NULL) // $response = $authenticate->authenticate(array('username' => $user, 'password' => $pass), $options = array()); // adding support for two factor authentication - - if ($secret == NULL){ - $response = $authenticate->authenticate(array('username' => $user, 'password' => $pass), $options = array()); - } - else{ - $response = $authenticate->authenticate(array('username' => $user, 'password' => $pass, 'secretkey' => $secret), $options = array()); - } + + $response = $authenticate->authenticate(array('username' => $user, 'password' => $pass, 'secretkey' => $secret), $options = array()); if ($response->status === JAuthentication::STATUS_SUCCESS) {