| 1: | <?php
|
| 2: | namespace Opencart\Admin\Controller\Startup;
|
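/**
 * Startup controller for the admin second-factor ("authorize") check.
 *
 * When the `config_user_2fa` setting is truthy, every route outside a small
 * skip list is allowed through only if the `authorize` cookie maps to a
 * verified record for the current user.
 */
class Authorize extends \Opencart\System\Engine\Controller {
	/**
	 * Decide whether the current request must be diverted to the authorize pages.
	 *
	 * @return \Opencart\System\Engine\Action|null Action for `common/authorize` or
	 *                                             `common/authorize.unlock`, or null
	 *                                             when this check does not divert the request.
	 */
	public function index(): ?\Opencart\System\Engine\Action {
		// Both values are client-controlled; cast so later string functions get a string.
		$route = (string)($this->request->get['route'] ?? '');
		$token = (string)($this->request->cookie['authorize'] ?? '');

		// Compare on the controller path only: drop everything from the last '.'
		// so that e.g. `common/authorize.unlock` is matched as `common/authorize`.
		$pos = strrpos($route, '.');

		if ($pos !== false) {
			$route = substr($route, 0, $pos);
		}

		// Routes that stay reachable before the second factor has been verified.
		// NOTE(review): this list is matched against the raw `route` query value.
		// Confirm the dispatcher resolves the same string to the same controller,
		// otherwise the skip list and the dispatched controller can disagree.
		$ignore = [
			'common/login',
			'common/logout',
			'common/forgotten',
			'common/authorize'
		];

		// Strict comparison: membership in the skip list must be an exact string match.
		if (!$this->config->get('config_user_2fa') || in_array($route, $ignore, true)) {
			return null;
		}

		$this->load->model('user/user');

		// Looked up by user id and cookie value together.
		// NOTE(review): how the model matches the token is not visible here — verify there.
		$token_info = $this->model_user_user->getAuthorizeByToken($this->user->getId(), $token);

		// No record for this user/token pair: send the user to the authorize page.
		if (!$token_info) {
			return new \Opencart\System\Engine\Action('common/authorize');
		}

		// Record exists but is not verified: more than 2 attempts goes to the unlock
		// page, anything else back to the authorize page. An unverified token never
		// falls through to the requested route.
		if (!$token_info['status']) {
			if ($token_info['attempts'] > 2) {
				return new \Opencart\System\Engine\Action('common/authorize.unlock');
			}

			return new \Opencart\System\Engine\Action('common/authorize');
		}

		return null;
	}
}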