Stud.IP 5.4
TwoFactorAuth Class Reference

Public Member Functions

 secureSession ()
 confirm ($action, $text, array $data=[])

Static Public Member Functions

static get ()
static isEnabledForUser (User $user=null)
static removeCookie ()

Data Fields

const SESSION_KEY = 'tfa/confirmed'
const SESSION_REDIRECT = 'tfa/redirect'
const SESSION_ENFORCE = 'tfa/enforce'
const SESSION_DATA = 'tfa/data'
const SESSION_CONFIRMATIONS = 'tfa/confirmations'
const SESSION_FAILED = 'tfa/failed'
const SESSION_TOKEN_SENT = 'tfa/token-sent'
const COOKIE_KEY = 'tfa/authentication'

Detailed Description

Class handling the two factor authentication

Author: Jan-Hendrik Willms
License: GPL2 or any later version
Since: Stud.IP 4.4
See also
TFASecret model

Member Function Documentation

◆ confirm()

confirm ( $action, $text, array $data = [] )

Requests a 2fa token input to confirm a specific action.

Parameters
  string  $action  Name of the action to confirm
  string  $text    Text to display to the user
  array   $data    Optional additional data to pass to the confirmation screen (for internal use)

◆ get()

static get ( )

Returns an instance of the authentication

Returns
  TwoFactorAuth object

◆ isEnabledForUser()

static isEnabledForUser ( User  $user = null)

Returns whether the two factor authentication is enabled for the given user (defaults to current user). The user's permissions decide whether the two factor authentication is enabled or not.

Parameters
  User  $user  User to check (optional, defaults to current user)

◆ removeCookie()

static removeCookie ( )

◆ secureSession()

secureSession ( )

Secures the current session, if applicable.

This method checks the following:

  • is 2fa enabled for the current user
  • is the request an ajax call
  • does the user have a secret, meaning 2fa is enabled
  • is the secret already confirmed
  • has the session already been confirmed (identified by a valid random token stored in the session)
  • is the computer trusted (identified by a valid random token stored in a cookie)

If the user has 2fa enabled, its secret is confirmed and the session has not been secured yet, a validation screen with a prompt to enter a valid token is presented to the user.

Field Documentation


const COOKIE_KEY = 'tfa/authentication'


const SESSION_CONFIRMATIONS = 'tfa/confirmations'


const SESSION_DATA = 'tfa/data'


const SESSION_ENFORCE = 'tfa/enforce'


const SESSION_FAILED = 'tfa/failed'


const SESSION_KEY = 'tfa/confirmed'


const SESSION_REDIRECT = 'tfa/redirect'


const SESSION_TOKEN_SENT = 'tfa/token-sent'

The documentation for this class was generated from the following file: