mirror/moodle-auth_emailotp
1
0
Fork 0
mirror of https://github.com/PawelSuwinski/moodle-auth_emailotp.git synced 2026-05-16 21:41:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

support standard not email login of existing user, phpdoc corrections

Browse Source
This commit is contained in:
Paweł Suwiński
2020-11-19 09:07:07 +01:00
parent 23c5697841
commit 1ef35c31bd
3 changed files with 43 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

70
auth.php
View File

@@ -33,6 +33,7 @@ use core\output\notification;
* Email OTP authentication plugin. * Email OTP authentication plugin.
* *
* @see self::user_login() * @see self::user_login()
* @see self::get_user_field()
* @package auth_emailotp * @package auth_emailotp
* @copyright 2020 Pawel Suwinski <psuw@wp.pl> * @copyright 2020 Pawel Suwinski <psuw@wp.pl>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
@@ -63,9 +64,9 @@ class auth_plugin_emailotp extends auth_plugin_base {
} }
/** /**
* Matches only valid and allowed email as username. Validates credentials * Matches only valid email from allowed domains. Validates credentials and
* and password if exists in current session or generates ones for session * password if exists in current session or generates ones for session time
* time on empty password treated as one-time password request. * on empty password treated as one-time password request.
* *
* @param string $username The username * @param string $username The username
* @param string $password The password * @param string $password The password
@@ -73,7 +74,10 @@ class auth_plugin_emailotp extends auth_plugin_base {
*/ */
public function user_login($username, $password) { public function user_login($username, $password) {
global $CFG, $DB; global $CFG, $DB;
if (!validate_email($username) || email_is_not_allowed($username)) { $email = validate_email($username)
? $username // Email as username or signup on first login.
: $this->get_user_field($username, 'email'); // Standard login, existing user.
if (empty($email) || email_is_not_allowed($email)) {
return false; return false;
} }
// OTP already generated and base credentials matches. // OTP already generated and base credentials matches.
@@ -87,17 +91,12 @@ class auth_plugin_emailotp extends auth_plugin_base {
} }
// OTP request - do not proceed on preventaccountcreation when user not exits. // OTP request - do not proceed on preventaccountcreation when user not exits.
if (!isset($_SESSION[self::COMPONENT_NAME]) && empty($password) && ( if (!isset($_SESSION[self::COMPONENT_NAME]) && empty($password) && (
empty($CFG->authpreventaccountcreation) || $DB->get_field('user', 'id', [ empty($CFG->authpreventaccountcreation) || $this->get_user_field($username, 'id'))) {
'username' => $username, if (!$this->min_request_period_fulfilled($email)) {
'mnethostid' => $CFG->mnet_localhost_id,
'auth' => $this->authtype,
'deleted' => 0,
]))) {
if (!$this->min_request_period_fulfilled($username)) {
$this->redirect($username, 'otpperiod', notification::NOTIFY_WARNING); $this->redirect($username, 'otpperiod', notification::NOTIFY_WARNING);
} else if ($this->gen_otp($username)) { } else if ($this->gen_otp($username, $email)) {
\auth_emailotp\event\otp_generated::create(array( \auth_emailotp\event\otp_generated::create(array(
'other' => array('email' => $username), 'other' => array('email' => $email),
))->trigger(); ))->trigger();
$this->redirect($username, 'otpsent', notification::NOTIFY_SUCCESS); $this->redirect($username, 'otpsent', notification::NOTIFY_SUCCESS);
} else { } else {
@@ -114,37 +113,25 @@ class auth_plugin_emailotp extends auth_plugin_base {
notification::NOTIFY_WARNING notification::NOTIFY_WARNING
); );
\auth_emailotp\event\otp_revoked::create(array( \auth_emailotp\event\otp_revoked::create(array(
'other' => array('email' => $username), 'other' => array('email' => $email),
))->trigger(); ))->trigger();
} }
} }
return false; return false;
} }
/**
* {@inheritdoc}
*/
public function is_synchronised_with_external() { public function is_synchronised_with_external() {
return false; return false;
} }
/**
* {@inheritdoc}
*/
public function is_internal() { public function is_internal() {
return false; return false;
} }
/**
* {@inheritdoc}
*/
public function can_be_manually_set() { public function can_be_manually_set() {
return true; return true;
} }
/**
* {@inheritdoc}
*/
public function user_authenticated_hook(&$user, $username, $password) { public function user_authenticated_hook(&$user, $username, $password) {
// Destroy credentials - is already used. // Destroy credentials - is already used.
if (isset($_SESSION[self::COMPONENT_NAME])) { if (isset($_SESSION[self::COMPONENT_NAME])) {
@@ -153,7 +140,13 @@ class auth_plugin_emailotp extends auth_plugin_base {
} }
/** /**
* {@inheritdoc} * get_userinfo
*
* Signup and user creation on first login takes place only in case of
* using email address as username.
*
* @param string $username
* @return array
*/ */
public function get_userinfo($username) { public function get_userinfo($username) {
$this->get_custom_user_profile_fields(); $this->get_custom_user_profile_fields();
@@ -195,9 +188,10 @@ class auth_plugin_emailotp extends auth_plugin_base {
* gen_otp * gen_otp
* *
* @param string $username * @param string $username
* @param string $email
* @return bool * @return bool
*/ */
protected function gen_otp(string $username) { protected function gen_otp(string $username, string $email) {
global $CFG; global $CFG;
$newpassword = generate_password(); $newpassword = generate_password();
$_SESSION[self::COMPONENT_NAME] = array( $_SESSION[self::COMPONENT_NAME] = array(
@@ -209,7 +203,7 @@ class auth_plugin_emailotp extends auth_plugin_base {
'id' => -1, // Fake due email_to_user() requirements. 'id' => -1, // Fake due email_to_user() requirements.
'auth' => $this->authtype, 'auth' => $this->authtype,
'username' => $username, 'username' => $username,
'email' => $username, 'email' => $email,
'password' => $newpassword, 'password' => $newpassword,
); );
return email_to_user($user, core_user::get_support_user(), return email_to_user($user, core_user::get_support_user(),
@@ -257,4 +251,22 @@ class auth_plugin_emailotp extends auth_plugin_base {
) )
) === 0; ) === 0;
} }
/**
* get_user_field
*
* @see moodle_database::get_field()
* @param string $username
* @param string $field
* @return mixed
*/
protected function get_user_field(string $username, string $field) {
global $CFG, $DB;
return $DB->get_field('user', $field, array(
'username' => $username,
'mnethostid' => $CFG->mnet_localhost_id,
'auth' => $this->authtype,
'deleted' => 0,
));
}
} }

2
lang/en/auth_emailotp.php
View File

@@ -37,7 +37,7 @@ $string['revokethreshold_help'] = 'Login failures limit causing revoke of the ge
$string['minrequestperiod'] = 'Minium period'; $string['minrequestperiod'] = 'Minium period';
$string['minrequestperiod_help'] = 'A time in seconds after which another password can be generated (0 - unrestricted). Enabled logstore required.'; $string['minrequestperiod_help'] = 'A time in seconds after which another password can be generated (0 - unrestricted). Enabled logstore required.';
$string['logstorerequired'] = '<b>Notice: no working logstore! <a href="{$a}">Enable logstore</a> or set time to 0.</b>'; $string['logstorerequired'] = '<b>Notice: no working logstore! <a href="{$a}">Enable logstore</a> or set time to 0.</b>';
$string['fieldsmapping'] = 'User profile fields mapping'; $string['fieldsmapping'] = 'User profile fields mapping on signup';
$string['fieldsmapping_pattern'] = 'Pattern'; $string['fieldsmapping_pattern'] = 'Pattern';
$string['fieldsmapping_pattern_help'] = 'Capturing groups PCRE pattern.'; $string['fieldsmapping_pattern_help'] = 'Capturing groups PCRE pattern.';
$string['fieldsmapping_mapping'] = 'Mapping'; $string['fieldsmapping_mapping'] = 'Mapping';

2
lang/pl/auth_emailotp.php
View File

@@ -37,7 +37,7 @@ $string['revokethreshold_help'] = 'Limit nieudanych logowań unieważniających
$string['minrequestperiod'] = 'Minimalny odstęp'; $string['minrequestperiod'] = 'Minimalny odstęp';
$string['minrequestperiod_help'] = 'Czas w sekundach, po którym kolejne hasło może być wygenerowane (0 - nieograniczony). Wymaga działającego loggera.'; $string['minrequestperiod_help'] = 'Czas w sekundach, po którym kolejne hasło może być wygenerowane (0 - nieograniczony). Wymaga działającego loggera.';
$string['logstorerequired'] = '<b>Uwaga: logger nieaktywny! <a href="{$a}">Aktywuj logger</a> albo ustaw czas na 0.</b>'; $string['logstorerequired'] = '<b>Uwaga: logger nieaktywny! <a href="{$a}">Aktywuj logger</a> albo ustaw czas na 0.</b>';
$string['fieldsmapping'] = 'Mapowanie pól profilu użytkownika'; $string['fieldsmapping'] = 'Mapowanie pól profilu użytkownika podczas rejestracji';
$string['fieldsmapping_pattern'] = 'Wzorzec'; $string['fieldsmapping_pattern'] = 'Wzorzec';
$string['fieldsmapping_pattern_help'] = 'Grupujące wyrażenie regularne PCRE.'; $string['fieldsmapping_pattern_help'] = 'Grupujące wyrażenie regularne PCRE.';
$string['fieldsmapping_mapping'] = 'Mapowanie'; $string['fieldsmapping_mapping'] = 'Mapowanie';