Stud.IP  6.0
Public Member Functions | Static Public Member Functions | Data Fields
TwoFactorAuth Class Reference

Public Member Functions

 secureSession ()
 
 confirm (string $action, string $text, array $data=[])
 

Static Public Member Functions

static get ()
 
static isEnabledForUser (User $user=null)
 
static removeCookie ()
 

Data Fields

const SESSION_KEY = 'tfa/confirmed'
 
const SESSION_DATA = 'tfa/data'
 
const SESSION_CONFIRMATIONS = 'tfa/confirmations'
 
const SESSION_FAILED = 'tfa/failed'
 
const SESSION_TOKEN_SENT = 'tfa/token-sent'
 
const COOKIE_KEY = 'tfa/authentication'
 

Detailed Description

Class handling the two factor authentication

Author
Jan-Hendrik Willms tleil.nosp@m.ax+s.nosp@m.tudip.nosp@m.@gma.nosp@m.il.co.nosp@m.m GPL2 or any later version
Since
Stud.IP 4.4
See also
TFASecret model

Member Function Documentation

◆ confirm()

confirm ( string  $action,
string  $text,
array  $data = [] 
)

Requests a 2fa token input to confirm a specific action.

Parameters
string$actionName of the action to confirm
string$textText to display to the user
array$dataOptional additional data to pass to the confirmation screen (for internal use)

◆ get()

static get ( )
static

Returns an instance of the authentication

Returns
TwoFactorAuth object

◆ isEnabledForUser()

static isEnabledForUser ( User  $user = null)
static

Returns whether the two factor authentication is enabled for the given user (defaults to current user). The user's permissions decide whether the two factor authentication is enabled or not.

Parameters
User | null$userUser to check (optional, defaults to current user)
Returns
boolean

◆ removeCookie()

static removeCookie ( )
static

◆ secureSession()

secureSession ( )

Secures the current session, if applicable.

This method checks the following:

  • is 2fa enabled for the current user
  • is the request an ajax call
  • does the user have a secret, meaning 2fa is enabled
  • is the secret already confirmed
  • has the session already been confirmed (identified by a valid random token stored in the session)
  • is the computer trusted (identified by a valid random token stored in a cookie)

If the user has 2fa enabled, it's secret is confirmed and the session has not been secured yet, a validation screen with a prompt to enter a valid token is presented to the user.

Field Documentation

◆ COOKIE_KEY

const COOKIE_KEY = 'tfa/authentication'

◆ SESSION_CONFIRMATIONS

const SESSION_CONFIRMATIONS = 'tfa/confirmations'

◆ SESSION_DATA

const SESSION_DATA = 'tfa/data'

◆ SESSION_FAILED

const SESSION_FAILED = 'tfa/failed'

◆ SESSION_KEY

const SESSION_KEY = 'tfa/confirmed'

◆ SESSION_TOKEN_SENT

const SESSION_TOKEN_SENT = 'tfa/token-sent'
The documentation for this class was generated from the following file: