| 1: | <?php
|
| 2: | namespace Opencart\catalog\controller\startup;
|
|
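/**
 * Startup controller that gates requests behind the "authorize" cookie token.
 *
 * When the `config_security` setting is enabled, every route except a short
 * exempt list must present an `authorize` cookie that the user model accepts
 * for the current user. Otherwise the request is redirected to an
 * authorization (or unlock) action.
 *
 * NOTE(review): this class sits in the catalog namespace but reads
 * `$this->user`, loads the `user/user` model and dispatches to
 * `common/authorize`, while the exempt list names `account/*` routes.
 * Confirm that all of these resolve in the application this runs in.
 */
class Authorize extends \Opencart\System\Engine\Controller {
	/**
	 * Decide whether the current request may proceed.
	 *
	 * @return \Opencart\System\Engine\Action|null An action to dispatch instead of the
	 *                                             requested route, or null to let the
	 *                                             request continue.
	 */
	public function index(): ?\Opencart\System\Engine\Action {
		// Both values are attacker-controlled request data; treat them as opaque strings.
		$route = (string)($this->request->get['route'] ?? '');
		$token = (string)($this->request->cookie['authorize'] ?? '');

		// Drop the trailing ".method" part so the exemption is matched on the controller
		// path. Only the last dot is cut, so a route with more than one dot will not match
		// an exempt entry and stays subject to the check.
		$pos = strrpos($route, '.');

		if ($pos !== false) {
			$route = substr($route, 0, $pos);
		}

		// Routes that must stay reachable without an authorized token. Every method of
		// these controllers is exempt, so keep the list as small as possible.
		$ignore = [
			'account/login',
			'account/logout',
			'account/forgotten',
			'account/authorize'
		];

		// Strict comparison: an exemption must be an exact string match, never the result
		// of PHP's loose type juggling.
		if ($this->config->get('config_security') && !in_array($route, $ignore, true)) {
			$this->load->model('user/user');

			// NOTE(review): the lookup is keyed on the current user id and the raw cookie value.
			// How the model stores and compares the token is not visible here; verify it.
			$token_info = $this->model_user_user->getAuthorizeByToken($this->user->getId(), $token);

			// No record for this user/token pair: the token has to be authorized first.
			if (!$token_info) {
				return new \Opencart\System\Engine\Action('common/authorize');
			}

			// A record exists but is not approved. Always return one of the two pages so an
			// unapproved token can never fall through to the requested route.
			if (!$token_info['status']) {
				// More than two recorded attempts selects the unlock action, otherwise the
				// normal authorization action.
				if ($token_info['attempts'] > 2) {
					return new \Opencart\System\Engine\Action('common/authorize.unlock');
				}

				return new \Opencart\System\Engine\Action('common/authorize');
			}
		}

		return null;
	}
}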
|