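emitStr(); }

    /**
     * Build the enrolment view: a form plus a QR code for a newly created
     * otpauth URI, and park the explicit URI in the session under "secret"
     * so that response() can verify the first code against it.
     *
     * NOTE(review): every call runs keygen() again and overwrites the session
     * entry, so only the most recently rendered QR code can complete enrolment.
     * NOTE(review): the template below holds no %frm / %qr placeholders as
     * shown, so str_replace() returns it unchanged; presumably the markup was
     * lost from this copy of the file. Confirm against the real template, and
     * confirm that formProps() and render() return output that is safe to
     * insert into HTML unescaped.
     */
    private function viewEnrollForm(): string
    {
        $html = "\n";

        // `.` is string concatenation in PHP; nested members are reached with `->`.
        // 6 and 30 are presumably the digit count and period in seconds
        // (response() reads digits and period back from the stored URI) - confirm.
        $otpauthURI = new Otpauth(
            $this->db->userString($this->userIndex),
            "taaatp",
            $this->hashConfig->hash->keygen(),
            $this->hashConfig->hash->hashType(),
            6,
            30
        );

        $provisioningUri = $otpauthURI->uriString();
        $persistentUri = $otpauthURI->uriStringExplicit();

        // NOTE(review): by its name uriStringExplicit() yields a string, yet
        // response() calls getSecret() on the value read back from the session.
        // Confirm that the session layer rehydrates it into a URI object.
        $this->moduleConfig->session->store("secret", $persistentUri);

        $values = [
            "%frm" => $this->request->formProps("enroll"),
            "%qr" => (new QRCode)->render($provisioningUri),
        ];

        return \str_replace(\array_keys($values), $values, $html);
    }

    /**
     * Build the unenrolment view, which only needs the form properties.
     *
     * NOTE(review): the template is empty as shown, so the result is an empty
     * string; presumably the markup was lost from this copy - confirm.
     */
    private function viewUnenrollForm(): string
    {
        $html = "";

        $values = [
            "%frm" => $this->request->formProps("unenroll"),
        ];

        return \str_replace(\array_keys($values), $values, $html);
    }

    /**
     * Return the enrolment view when the user has no stored secret,
     * otherwise the unenrolment view.
     */
    public function emitStr(): string
    {
        if ($this->db->getSecret($this->userIndex) === null) {
            return $this->viewEnrollForm();
        }

        return $this->viewUnenrollForm();
    }

    /**
     * Handle a submitted TOTP code for enrolment or unenrolment.
     *
     * With no stored secret the pending secret from the session is verified
     * and, on success, persisted together with the value validate() returned.
     * With a stored secret a valid code removes it.
     *
     * @return bool true when the code validated and the change was applied;
     *              false on CSRF mismatch, missing secret, or an invalid code.
     */
    public function response(): bool
    {
        // Fail closed before touching any TOTP state. The original wrote
        // `moduleConfig.csrf`, which PHP parses as string concatenation, so the
        // check never ran as a method call on the csrf member.
        if (!$this->moduleConfig->csrf->match()) {
            return false;
        }

        $pUri = $this->db->getSecret($this->userIndex);
        $enrollFlag = $pUri === null;
        if ($enrollFlag) {
            $pUri = $this->moduleConfig->session->get('secret');
        }

        // Neither the database nor the session holds a secret (for example the
        // enrolment form was never rendered in this session): reject instead of
        // dereferencing null. Assumes get() yields null for a missing key - confirm.
        if ($pUri === null) {
            return false;
        }

        // Diagnostic output. The ternary is parenthesised because `.` binds
        // tighter than `?:`; unparenthesised, this always printed "new user".
        // NOTE(review): consider logging this instead of writing it to the response.
        echo "Recovered pURI for a " . ($enrollFlag ? "new user" : "returning user");

        // NOTE(review): _6238 is invoked as a plain function; if it is a class,
        // this call needs `new` - confirm. The 0 / getLastTime() argument is
        // presumably the last accepted time, used to refuse replayed codes.
        $totp = _6238(
            $pUri->getSecret(),
            $pUri->period,
            $enrollFlag ? 0 : $this->db->getLastTime($this->userIndex),
            2,
            $pUri->digits,
            $this->hashConfig->clock,
            $this->hashConfig->algorithm
        );

        $flag = $totp->validate($this->request->getResp("totp_challenge"));
        if (!$flag) {
            return false;
        }

        if ($enrollFlag) {
            // $flag is stored as the last accepted time; presumably validate()
            // returns the matched time value on success - confirm.
            $this->db->storeLastTime($this->userIndex, $flag);
            $this->db->storeSecret($this->userIndex, $pUri);
            // NOTE(review): the pending secret stays in the session after it has
            // been persisted; clear it here if the session API offers a way.
            return true;
        }

        $this->db->stripSecret($this->userIndex);
        return true;
    }
}
?>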