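emitStr(); }

    /**
     * Build the enrollment form: CSRF field, instruction text and a QR code
     * rendered from a provisioning URI.
     *
     * Side effect: the provisioning URI (built with a key from
     * $this->hash->keygen() on every call) is written to the session under
     * "secret" so that response() can confirm it. Each render overwrites the
     * previously pending value.
     *
     * NOTE(review): the visible literals contain neither "%frm" nor "%qr", so
     * the str_replace() below has nothing to substitute; the form markup
     * appears to be missing from this copy and the literals are kept as found.
     *
     * @return string Form HTML.
     */
    private function viewEnrollForm(): string
    {
        $html = "\n";
        $html .= $this->csrf->emitStr();
        $html .= "\n\nTo add an authenticator to your account, scan the QR code\n\n";
        $html .= "\"qr-code\"";
        $html .= "";
        $html .= "";
        $html .= "";
        $html .= "\n";

        // Arguments as passed: "taatp", the user string, a generated key,
        // "SHA1", 30 and 6 (presumably issuer, label, key, algorithm, period
        // and digits; confirm against Otpauth).
        $provisioningUri = (new Otpauth(
            "taatp",
            $this->db->userString($this->userIndex),
            $this->hash->keygen(),
            "SHA1",
            30,
            6
        ))->emitStr();

        // The pending secret lives only in the session until a valid code
        // confirms it in response(); nothing is written to the database here.
        $this->session->store("secret", $provisioningUri);

        // NOTE(review): this is the only use of $this->request; the other
        // methods read the form through $this->ri. Confirm both exist.
        $values = [
            "%frm" => $this->request->formProps("enroll"),
            "%qr" => (new QRCode)->render($provisioningUri),
        ];

        return \str_replace(\array_keys($values), $values, $html);
    }

    /**
     * Build the unenrollment form: CSRF field plus the form markup.
     *
     * NOTE(review): as in viewEnrollForm(), "%frm" does not occur in the
     * visible literals; the markup appears to be missing from this copy.
     *
     * @return string Form HTML.
     */
    private function viewUnenrollForm(): string
    {
        $html = "\n";
        $html .= $this->csrf->emitStr();
        $html .= "";
        $html .= "";
        $html .= "";
        $html .= "\n";

        $values = [
            "%frm" => $this->ri->formProps("unenroll"),
        ];

        return \str_replace(\array_keys($values), $values, $html);
    }

    /**
     * Render the form that matches the user's current state.
     *
     * Fix: the original called both view methods and discarded their results,
     * so nothing was returned despite the string return type, and the
     * enrollment view (with its session write) ran before the unenroll view.
     *
     * @return string Enrollment form when no secret is stored for the user,
     *                otherwise the unenrollment form.
     */
    public function emitStr(): string
    {
        if (\is_null($this->db->getSecret($this->userIndex))) {
            return $this->viewEnrollForm();
        }

        return $this->viewUnenrollForm();
    }

    /**
     * Handle a submitted enroll/unenroll form.
     *
     * The CSRF token is checked first. With no stored secret the request is an
     * enrollment: the pending value from the session is validated against the
     * submitted code and, on success, stored for the user. With a stored secret
     * the request is an unenrollment: a valid code removes the secret.
     *
     * Fixes: the original kept the pending session value in $enrollFlag while
     * $pUri stayed null, so validation and storeSecret() both worked on null;
     * it also used "." where member access was evidently meant.
     *
     * @return bool True when the code validated and the change was applied.
     */
    public function response(): bool
    {
        if (!$this->csrf->match()) {
            return false;
        }

        $stored = $this->db->getSecret($this->userIndex);
        $enrolling = \is_null($stored);

        // During enrollment the candidate secret is the one the form put into
        // the session; otherwise validate against what the database holds.
        $pUri = $enrolling ? $this->session->get('secret') : $stored;

        // Fail closed when there is nothing to validate against (for example a
        // POST without a previously rendered enrollment form). Loose check
        // because the "missing" value of session->get() is not visible here.
        if (!$pUri) {
            return false;
        }

        // NOTE(review): viewEnrollForm() stores the string returned by
        // Otpauth::emitStr(); the property reads below assume a value exposing
        // secret, period and digits. Confirm a parsing step exists.
        // NOTE(review): _6238 is called as a plain function, as in the original;
        // confirm whether "new" is intended.
        $totp = _6238(
            $pUri->secret,
            $pUri->period,
            // Replay floor: nothing accepted yet during enrollment, otherwise
            // the last accepted time recorded for this user.
            $enrolling ? 0 : $this->db->getLastTime($this->userIndex),
            2, // presumably the accepted step window; confirm against _6238
            $pUri->digits,
            $this->clock,
            $this->hash
        );

        // validate() result is stored via storeLastTime() below, so it is
        // presumably the matched time value on success and falsy on failure.
        $flag = $totp->validate($this->ri->getResp("totp_challenge"));
        if (!$flag) {
            return false;
        }

        if ($enrolling) {
            $this->db->storeLastTime($this->userIndex, $flag);
            $this->db->storeSecret($this->userIndex, $pUri);
            // NOTE(review): the pending value stays in the session after a
            // successful enrollment; clear it if the session API allows.
            return true;
        }

        // A valid code from an enrolled user removes the authenticator.
        $this->db->stripSecret($this->userIndex);

        return true;
    }
}
?>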