Plugin: Whispeak ask password when speech auth fails - refs BT#15816

plugin/whispeakauth/ajax/record_audio.php

@@ -21,9 +21,10 @@ if ($isEnrollment) {
 
     $isAllowed = !empty($_FILES['audio']);
 } elseif ($isAuthentify) {
+    $userId = api_get_user_id();
     $user2fa = ChamiloSession::read(WhispeakAuthPlugin::SESSION_2FA_USER, 0);
 
-    if (!empty($user2fa)) {
+    if (!empty($user2fa) || !empty($userId)) {
         $isAllowed = !empty($_FILES['audio']);
     } else {
         $isAllowed = !empty($_POST['username']) && !empty($_FILES['audio']);
@@ -53,6 +54,8 @@ if ($isAuthentify) {
 
     if (!empty($user2fa)) {
         $user = api_get_user_entity($user2fa);
+    } elseif (!empty($userId)) {
+        $user = api_get_user_entity($userId);
     } else {
         /** @var User|null $user */
         $user = UserManager::getRepository()->findOneBy(['username' => $_POST['username']]);
@@ -197,7 +200,20 @@ if ($isAuthentify) {
         false
     );
 
+    /** @var array $lpItemInfo */
+    $lpItemInfo = ChamiloSession::read(WhispeakAuthPlugin::SESSION_LP_ITEM, []);
+
     if (!$success && $maxAttempts && $failedLogins >= $maxAttempts) {
+        if (!empty($lpItemInfo)) {
+            ChamiloSession::erase(WhispeakAuthPlugin::SESSION_FAILED_LOGINS);
+
+            echo '<script>window.setTimeout(function () {
+                    window.location.href = "'.api_get_path(WEB_PLUGIN_PATH).'whispeakauth/authentify_password.php";
+                }, 1500);</script>';
+
+            exit;
+        }
+
         echo '<script>window.setTimeout(function () {
             window.location.href = "'.api_get_path(WEB_PATH).'";
             }, 1500);</script>';
@@ -206,6 +222,18 @@ if ($isAuthentify) {
     }
 
     if ($success) {
+        if (!empty($lpItemInfo)) {
+            ChamiloSession::erase(WhispeakAuthPlugin::SESSION_FAILED_LOGINS);
+            ChamiloSession::erase(WhispeakAuthPlugin::SESSION_LP_ITEM);
+            ChamiloSession::erase(WhispeakAuthPlugin::SESSION_2FA_USER);
+
+            echo '<script>window.setTimeout(function () {
+                    window.location.href = "'.$lpItemInfo['src'].'";
+                }, 1500);</script>';
+
+            exit;
+        }
+
         $loggedUser = [
             'user_id' => $user->getId(),
             'status' => $user->getStatus(),

plugin/whispeakauth/authentify.php

@@ -23,40 +23,8 @@ if ($userId) {
     $wsid = WhispeakAuthPlugin::getAuthUidValue($userId);
 
     if (empty($wsid)) {
-        $form = new FormValidator(
+        header('Location: '.api_get_path(WEB_PLUGIN_PATH).'whispeakauth/authentify_password.php');
-            'form-login',
-            'POST',
-            api_get_path(WEB_PLUGIN_PATH).'whispeakauth/ajax/authentify_password.php',
-            null,
-            null,
-            FormValidator::LAYOUT_BOX_NO_LABEL
-        );
-        $form->addElement(
-            'password',
-            'password',
-            get_lang('Pass'),
-            ['id' => 'password', 'icon' => 'lock fa-fw', 'placeholder' => get_lang('Pass')]
-        );
-        $form->addHidden('sec_token', '');
-        $form->setConstants(['sec_token' => Security::get_token()]);
-        $form->addButton('submitAuth', get_lang('LoginEnter'), 'check', 'primary', 'default', 'btn-block');
 
-        $template = new Template(
-            !$showHeader ? '' : $plugin->get_title(),
-            $showHeader,
-            $showHeader,
-            false,
-            true,
-            false
-        );
-        $template->assign('message', Display::return_message($plugin->get_lang('SpeechAuthNotEnrolled'), 'warning'));
-        $template->assign('form', $form->returnForm());
-
-        $content = $template->fetch('whispeakauth/view/authentify_password.html.twig');
-
-        $template->assign('header', $plugin->get_title());
-        $template->assign('content', $content);
-        $template->display_one_col_template();
         exit;
     }
 }

plugin/whispeakauth/authentify_password.php

@@ -0,0 +1,58 @@
+<?php
+/* For licensing terms, see /license.txt */
+
+$cidReset = true;
+
+require_once __DIR__.'/../../main/inc/global.inc.php';
+
+$plugin = WhispeakAuthPlugin::create();
+
+$plugin->protectTool();
+
+$userId = ChamiloSession::read(WhispeakAuthPlugin::SESSION_2FA_USER, 0) ?: api_get_user_id();
+
+/** @var array $lpItemInfo */
+$lpItemInfo = ChamiloSession::read(WhispeakAuthPlugin::SESSION_LP_ITEM, []);
+/** @var learnpath $oLp */
+$oLp = ChamiloSession::read('oLP', null);
+
+$showHeader = empty($lpItemInfo) || empty($oLp);
+
+if (empty($userId)) {
+    api_not_allowed($showHeader);
+}
+
+$form = new FormValidator(
+    'form-login',
+    'POST',
+    api_get_path(WEB_PLUGIN_PATH).'whispeakauth/ajax/authentify_password.php',
+    null,
+    null,
+    FormValidator::LAYOUT_BOX_NO_LABEL
+);
+$form->addElement(
+    'password',
+    'password',
+    get_lang('Pass'),
+    ['id' => 'password', 'icon' => 'lock fa-fw', 'placeholder' => get_lang('Pass')]
+);
+$form->addHidden('sec_token', '');
+$form->setConstants(['sec_token' => Security::get_token()]);
+$form->addButton('submitAuth', get_lang('LoginEnter'), 'check', 'primary', 'default', 'btn-block');
+
+$template = new Template(
+    !$showHeader ? '' : $plugin->get_title(),
+    $showHeader,
+    $showHeader,
+    false,
+    true,
+    false
+);
+$template->assign('message', Display::return_message($plugin->get_lang('SpeechAuthNotEnrolled'), 'warning'));
+$template->assign('form', $form->returnForm());
+
+$content = $template->fetch('whispeakauth/view/authentify_password.html.twig');
+
+$template->assign('header', $plugin->get_title());
+$template->assign('content', $content);
+$template->display_one_col_template();