From 00ac8a67d5c64089470c43788dd5edb10c301f19 Mon Sep 17 00:00:00 2001 From: Angel Fernando Quiroz Campos Date: Mon, 15 Jul 2019 18:09:55 -0500 Subject: [PATCH] Plugin: Whispeak ask password when speech auth fails - refs BT#15816 --- plugin/whispeakauth/ajax/record_audio.php | 30 ++++++++++- plugin/whispeakauth/authentify.php | 34 +----------- plugin/whispeakauth/authentify_password.php | 58 +++++++++++++++++++++ 3 files changed, 88 insertions(+), 34 deletions(-) create mode 100644 plugin/whispeakauth/authentify_password.php diff --git a/plugin/whispeakauth/ajax/record_audio.php b/plugin/whispeakauth/ajax/record_audio.php index 1e5a44183d..8237fb37ab 100644 --- a/plugin/whispeakauth/ajax/record_audio.php +++ b/plugin/whispeakauth/ajax/record_audio.php @@ -21,9 +21,10 @@ if ($isEnrollment) { $isAllowed = !empty($_FILES['audio']); } elseif ($isAuthentify) { + $userId = api_get_user_id(); $user2fa = ChamiloSession::read(WhispeakAuthPlugin::SESSION_2FA_USER, 0); - if (!empty($user2fa)) { + if (!empty($user2fa) || !empty($userId)) { $isAllowed = !empty($_FILES['audio']); } else { $isAllowed = !empty($_POST['username']) && !empty($_FILES['audio']); @@ -53,6 +54,8 @@ if ($isAuthentify) { if (!empty($user2fa)) { $user = api_get_user_entity($user2fa); + } elseif (!empty($userId)) { + $user = api_get_user_entity($userId); } else { /** @var User|null $user */ $user = UserManager::getRepository()->findOneBy(['username' => $_POST['username']]); @@ -197,7 +200,20 @@ if ($isAuthentify) { false ); + /** @var array $lpItemInfo */ + $lpItemInfo = ChamiloSession::read(WhispeakAuthPlugin::SESSION_LP_ITEM, []); + if (!$success && $maxAttempts && $failedLogins >= $maxAttempts) { + if (!empty($lpItemInfo)) { + ChamiloSession::erase(WhispeakAuthPlugin::SESSION_FAILED_LOGINS); + + echo ''; + + exit; + } + echo ''; @@ -206,6 +222,18 @@ if ($isAuthentify) { } if ($success) { + if (!empty($lpItemInfo)) { + ChamiloSession::erase(WhispeakAuthPlugin::SESSION_FAILED_LOGINS); + ChamiloSession::erase(WhispeakAuthPlugin::SESSION_LP_ITEM); + ChamiloSession::erase(WhispeakAuthPlugin::SESSION_2FA_USER); + + echo ''; + + exit; + } + $loggedUser = [ 'user_id' => $user->getId(), 'status' => $user->getStatus(), diff --git a/plugin/whispeakauth/authentify.php b/plugin/whispeakauth/authentify.php index bfd348ec15..d6b4c0701a 100644 --- a/plugin/whispeakauth/authentify.php +++ b/plugin/whispeakauth/authentify.php @@ -23,40 +23,8 @@ if ($userId) { $wsid = WhispeakAuthPlugin::getAuthUidValue($userId); if (empty($wsid)) { - $form = new FormValidator( - 'form-login', - 'POST', - api_get_path(WEB_PLUGIN_PATH).'whispeakauth/ajax/authentify_password.php', - null, - null, - FormValidator::LAYOUT_BOX_NO_LABEL - ); - $form->addElement( - 'password', - 'password', - get_lang('Pass'), - ['id' => 'password', 'icon' => 'lock fa-fw', 'placeholder' => get_lang('Pass')] - ); - $form->addHidden('sec_token', ''); - $form->setConstants(['sec_token' => Security::get_token()]); - $form->addButton('submitAuth', get_lang('LoginEnter'), 'check', 'primary', 'default', 'btn-block'); + header('Location: '.api_get_path(WEB_PLUGIN_PATH).'whispeakauth/authentify_password.php'); - $template = new Template( - !$showHeader ? '' : $plugin->get_title(), - $showHeader, - $showHeader, - false, - true, - false - ); - $template->assign('message', Display::return_message($plugin->get_lang('SpeechAuthNotEnrolled'), 'warning')); - $template->assign('form', $form->returnForm()); - - $content = $template->fetch('whispeakauth/view/authentify_password.html.twig'); - - $template->assign('header', $plugin->get_title()); - $template->assign('content', $content); - $template->display_one_col_template(); exit; } } diff --git a/plugin/whispeakauth/authentify_password.php b/plugin/whispeakauth/authentify_password.php new file mode 100644 index 0000000000..a5c07be03b --- /dev/null +++ b/plugin/whispeakauth/authentify_password.php @@ -0,0 +1,58 @@ +protectTool(); + +$userId = ChamiloSession::read(WhispeakAuthPlugin::SESSION_2FA_USER, 0) ?: api_get_user_id(); + +/** @var array $lpItemInfo */ +$lpItemInfo = ChamiloSession::read(WhispeakAuthPlugin::SESSION_LP_ITEM, []); +/** @var learnpath $oLp */ +$oLp = ChamiloSession::read('oLP', null); + +$showHeader = empty($lpItemInfo) || empty($oLp); + +if (empty($userId)) { + api_not_allowed($showHeader); +} + +$form = new FormValidator( + 'form-login', + 'POST', + api_get_path(WEB_PLUGIN_PATH).'whispeakauth/ajax/authentify_password.php', + null, + null, + FormValidator::LAYOUT_BOX_NO_LABEL +); +$form->addElement( + 'password', + 'password', + get_lang('Pass'), + ['id' => 'password', 'icon' => 'lock fa-fw', 'placeholder' => get_lang('Pass')] +); +$form->addHidden('sec_token', ''); +$form->setConstants(['sec_token' => Security::get_token()]); +$form->addButton('submitAuth', get_lang('LoginEnter'), 'check', 'primary', 'default', 'btn-block'); + +$template = new Template( + !$showHeader ? '' : $plugin->get_title(), + $showHeader, + $showHeader, + false, + true, + false +); +$template->assign('message', Display::return_message($plugin->get_lang('SpeechAuthNotEnrolled'), 'warning')); +$template->assign('form', $form->returnForm()); + +$content = $template->fetch('whispeakauth/view/authentify_password.html.twig'); + +$template->assign('header', $plugin->get_title()); +$template->assign('content', $content); +$template->display_one_col_template();