miniOrange_2factor - Version 1.0.3

Version Notes

==1.0.3==
Bug fixes


Release Info

Developer miniOrange inc.
Extension miniOrange_2factor
Version 1.0.3


Code changes from version 1.0.2 to 1.0.3

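--- a/app/code/community/miniOrange/2factor/Block/mo2fConfig.php
+++ b/app/code/community/miniOrange/2factor/Block/mo2fConfig.php
@@ -3,7 +3,7 @@ class MiniOrange_2factor_Block_mo2fConfig extends Mage_Core_Block_Template{
 
 
  public function isEnabled(){
- $customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
+ $customer = Mage::helper('MiniOrange_2factor');
  $admin = Mage::getSingleton('admin/session')->getUser();
  $id = $admin->getUserId();
  if($customer->getConfig('isEnabled',$id)==1){
@@ -23,7 +23,7 @@ class MiniOrange_2factor_Block_mo2fConfig extends Mage_Core_Block_Template{
  }
 
  public function getHostURl(){
- return Mage::helper('MiniOrange_2factor/mo2fUtility')->getHostURl();
+ return Mage::helper('MiniOrange_2factor')->getHostURl();
  }
 
  public function getqrCode(){
@@ -44,8 +44,17 @@ class MiniOrange_2factor_Block_mo2fConfig extends Mage_Core_Block_Template{
  }
  }
 
+ public function getCurrentUser(){
+ if (Mage::getSingleton('customer/session')->isLoggedIn()) {
+ $customer = Mage::getSingleton('customer/session')->getCustomer();
+ return $customer->getEmail();
+ }
+ return;
+ }
+
  public function showEmail(){
  $admin = Mage::getSingleton('admin/session')->getUser();
+ $customer = Mage::helper('MiniOrange_2factor');
  $id = $admin->getUserId();
  return $customer->showEmail($id);
  }
@@ -67,27 +76,35 @@ class MiniOrange_2factor_Block_mo2fConfig extends Mage_Core_Block_Template{
  return $url.'adminhtml/default/default/images/MiniOrange_2factor/'.$image.'.png';
  }
 
- public function getEmail(){
- return Mage::getStoreConfig('miniorange_2factor_options/register/miniorange_2factor_username');
+ public function isCustomerEnabled(){
+ $customer = Mage::helper('MiniOrange_2factor');
+ if($customer->getConfig('isCustomerEnabled','')==1){
+ return 'checked';
+ }
+ else{
+ return '';
+ }
  }
 
  public function getConfig($config,$id=""){
- $customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
+ $customer = Mage::helper('MiniOrange_2factor');
  if($id!=""){
  return $customer->getConfig($config,$id);
  }
- else{
+ else if( !Mage::getSingleton('customer/session')->isLoggedIn() ) {
  $admin = Mage::getSingleton('admin/session')->getUser();
  $id = $admin->getUserId();
  return $customer->getConfig($config,$id);
  }
+ else{
+ return $customer->getConfig($config,$id);
+ }
  }
 
  public function cURLEnabled(){
- $customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
+ $customer = Mage::helper('MiniOrange_2factor');
  return $customer->is_curl_installed();
  }
 
 
-
  }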
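Review bot: In `getConfig`, the new final `else` branch (taken when a customer session is logged in) calls `$customer->getConfig($config,$id)` with `$id` still `""`, so every per-user key is looked up against an empty id rather than the logged-in customer. Resolve the id before delegating, e.g. `$id = Mage::getSingleton('customer/session')->getCustomerId();`. The `else if` branch, like `isEnabled` and `showEmail`, calls `$admin->getUserId()` without checking that `getUser()` returned a user; if this block is ever rendered without an admin session that is a fatal error, so a guard such as `if (!$admin) { return; }` would make the failure explicit. `getCurrentUser` would also benefit from a short docblock stating that it returns the customer e-mail or null when no customer is logged in.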
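--- a/app/code/community/miniOrange/2factor/Controllers/Adminhtml/IndexController.php
+++ b/app/code/community/miniOrange/2factor/Controllers/Adminhtml/IndexController.php
@@ -4,22 +4,24 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
  {
  private $defaultCustomerKey = "16352";
  private $defaultApiKey = "AJG97LGpOVVwFUuuPSij5IH6Kvlu6qEj";
-
+
  public function indexAction(){
- $this->loadLayout();
- $this->renderLayout();
- Mage::getSingleton('core/session')->unsErrorMessage();
- Mage::getSingleton('core/session')->unsSuccessMessage();
- Mage::getSingleton('admin/session')->unsshowLoginSettings();
- Mage::getSingleton('admin/session')->unsOTPsent();
- Mage::getSingleton('admin/session')->unsEnteredEmail();
+ $this->loadLayout();
+ $this->renderLayout();
+ Mage::getSingleton('core/session')->unsErrorMessage();
+ Mage::getSingleton('core/session')->unsSuccessMessage();
+ Mage::getSingleton('admin/session')->unsshowLoginSettings();
+ Mage::getSingleton('admin/session')->unsOTPsent();
+ Mage::getSingleton('admin/session')->unsEnteredEmail();
+ Mage::getSingleton('admin/session')->unsaddPhone();
  }
 
 
  public function newUserAction(){
  $params = $this->getRequest()->getParams();
+ $helper = Mage::helper('MiniOrange_2factor');
  $customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
- if($customer->is_curl_installed()){
+ if($helper->is_curl_installed()){
  $email = $params['email'];
  Mage::getSingleton('admin/session')->setEnteredEmail($email);
  $password = $params['password'];
@@ -61,14 +63,12 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
  $collection = Mage::getModel('admin/user')->getCollection();
  foreach($collection as $item){
  $ids=$item->getData('user_id');
- $this->saveConfig('miniorange_2factor_customer_key',$customerKey['id'],$ids);
- $this->saveConfig('miniorange_2factor_api_key',$customerKey['apiKey'],$ids);
- $this->saveConfig('miniorange_2factor_token',$customerKey['token'],$ids);
- $this->saveConfig('miniorange_2factor_admin_registered',$id,$ids);
- if($ids!=$id){
  $this->saveConfig('miniorange_2factor_validated',0,$ids);
- }
  }
+ $storeConfig = new Mage_Core_Model_Config();
+ $storeConfig ->saveConfig('miniOrange/2factor/customerKey',$customerKey['id'], 'default', 0);
+ $storeConfig ->saveConfig('miniOrange/2factor/apiKey',$customerKey['apiKey'], 'default', 0);
+ $storeConfig ->saveConfig('miniOrange/2factor/2factorToken',$customerKey['token'], 'default', 0);
  $this->saveConfig('miniorange_2factor_pass',"",$id);
  $this->saveConfig('miniorange_2factor_show_otp',0,$id);
  $this->saveConfig('miniorange_2factor_show_configure',1,$id);
@@ -80,6 +80,7 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
  else{
  $this->saveConfig('miniorange_2factor_login',"1",$id);
  $this->displayMessage('Invalid Credentials',"ERROR");
+ Mage::getSingleton('core/session')->setaddPhone($phone);
  $this->redirect("miniorange_2factor/adminhtml_index/index");
  }
  }
@@ -93,8 +94,9 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
 
  public function validateNewUserAction(){
  $params = $this->getRequest()->getParams();
+ $helper = Mage::helper('MiniOrange_2factor');
  $customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
- if($customer->is_curl_installed()){
+ if($helper->is_curl_installed()){
  $admin = Mage::getSingleton('admin/session')->getUser();
  $id = $admin->getUserId();
  $otp = $params['otp'];
@@ -105,7 +107,7 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
  $content = json_decode($customer->validate_otp_token( 'EMAIL', null, $transactionId , $otp , $this->defaultCustomerKey, $this->defaultApiKey),true);
 
  if(strcasecmp($content['status'], 'SUCCESS') == 0) { //OTP validated and generate QRCode
- $adminregistered = $customer->getConfig('mainAdmin',$id);
+ $adminregistered = $helper->getConfig('mainAdmin',$id);
  if($adminregistered!="" && $adminregistered==$id){
  $this->mo2f_create_customer();
  }
@@ -139,11 +141,13 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
 
  public function existingUserAction(){
  $params = $this->getRequest()->getParams();
+ $helper = Mage::helper('MiniOrange_2factor');
  $customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
- if($customer->is_curl_installed()){
+ if($helper->is_curl_installed()){
  $email = $params['loginemail'];
  Mage::getSingleton('admin/session')->setEnteredEmail($email);
  $password = $params['loginpassword'];
+ $phone = Mage::getSingleton('core/session')->getaddPhone();
  $submit = $params['submit'];
  $admin = Mage::getSingleton('admin/session')->getUser();
  $id = $admin->getUserId();
@@ -152,16 +156,16 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
  $customerKey = json_decode($content, true);
  if(json_last_error() == JSON_ERROR_NONE) {
  $this->saveConfig('miniorange_2factor_email',$email,$id);
+ $this->saveConfig('miniorange_2factor_phone',$phone,$id);
  $collection = Mage::getModel('admin/user')->getCollection();
  foreach($collection as $item){
  $ids=$item->getData('user_id');
- $this->saveConfig('miniorange_2factor_customer_key',$customerKey['id'],$ids);
- $this->saveConfig('miniorange_2factor_api_key',$customerKey['apiKey'],$ids);
- $this->saveConfig('miniorange_2factor_token',$customerKey['token'],$ids);
- if($ids!=$id){
  $this->saveConfig('miniorange_2factor_validated',0,$ids);
- }
  }
+ $storeConfig = new Mage_Core_Model_Config();
+ $storeConfig ->saveConfig('miniOrange/2factor/customerKey',$customerKey['id'], 'default', 0);
+ $storeConfig ->saveConfig('miniOrange/2factor/apiKey',$customerKey['apiKey'], 'default', 0);
+ $storeConfig ->saveConfig('miniOrange/2factor/2factorToken',$customerKey['token'], 'default', 0);
  $this->saveConfig('miniorange_2factor_pass',"",$id);
  $this->saveConfig('miniorange_2factor_show_otp',0,$id);
  $this->saveConfig('miniorange_2factor_show_configure',1,$id);
@@ -194,8 +198,9 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
 
  public function additionalAdminAction(){
  $params = $this->getRequest()->getParams();
+ $helper = Mage::helper('MiniOrange_2factor');
  $customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
- if($customer->is_curl_installed()){
+ if($helper->is_curl_installed()){
  $email = $params['additional_email'];
  $phone = $params['additional_phone'];
  $admin = Mage::getSingleton('admin/session')->getUser();
@@ -224,27 +229,36 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
  }
  }
 
- public function enableAdminAction(){
+ public function saveLoginSettingsAction(){
+ $helper = Mage::helper('MiniOrange_2factor');
  $customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
- if($customer->is_curl_installed()){
+ if($helper->is_curl_installed()){
  $admin = Mage::getSingleton('admin/session')->getUser();
  $id = $admin->getUserId();
  $params = $this->getRequest()->getParams();
- $email = $customer->getConfig('email',$id);
- $validated = $customer->getConfig('validated',$id);
- $showqr = $customer->getConfig('configure',$id);
+ $email = $helper->getConfig('email',$id);
+ $validated = $helper->getConfig('validated',$id);
+ $showqr = $helper->getConfig('configure',$id);
  Mage::getSingleton('admin/session')->setshowLoginSettings(1);
  if($email!="" && $validated==1){
  if($showqr==0){
- $value = $params['adminrole_activation'];
- if($value==1){
+ $value1 = $params['adminrole_activation'];
+ $value2 = $params['customer_activation'];
+ if($value1==1){
  $this->saveConfig('miniorange_2factor_Admin_enable',1,$id);
- $this->displayMessage('Enabled Two Factor for Admin',"SUCCESS");
  }
  else{
  $this->saveConfig('miniorange_2factor_Admin_enable',0,$id);
- $this->displayMessage('Disabled Two Factor for Admin',"ERROR");
  }
+ if($value2==1){
+ $storeConfig = new Mage_Core_Model_Config();
+ $storeConfig ->saveConfig('miniOrange/2factor/customer/enable','1', 'default', 0);
+ }
+ else{
+ $storeConfig = new Mage_Core_Model_Config();
+ $storeConfig ->saveConfig('miniOrange/2factor/customer/enable','0', 'default', 0);
+ }
+ $this->displayMessage('Settings Saved.',"SUCCESS");
  $this->redirect("miniorange_2factor/adminhtml_index/index");
  }
  else{
@@ -264,8 +278,9 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
  }
 
  public function supportSubmitAction(){
+ $helper = Mage::helper('MiniOrange_2factor');
  $customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
- if($customer->is_curl_installed()){
+ if($helper->is_curl_installed()){
  $params = $this->getRequest()->getParams();
  $user = Mage::getSingleton('admin/session')->getUser();
  $customer->submit_contact_us($params['query_email'], $params['query_phone'], $params['query'], $user);
@@ -280,8 +295,9 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
 
 
  public function registrationSuccessAction(){
+ $helper = Mage::helper('MiniOrange_2factor');
  $customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
- if($customer->is_curl_installed()){
+ if($helper->is_curl_installed()){
  $admin = Mage::getSingleton('admin/session')->getUser();
  $id = $admin->getUserId();
  $url = Mage::helper("adminhtml")->getUrl('adminhtml/index/logout');
@@ -298,13 +314,14 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
  }
 
  public function showQRCodeAction(){
+ $helper = Mage::helper('MiniOrange_2factor');
  $customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
- if($customer->is_curl_installed()){
+ if($helper->is_curl_installed()){
  $params = $this->getRequest()->getParams();
  $admin = Mage::getSingleton('admin/session')->getUser();
  $id = $admin->getUserId();
- $email = $customer->getConfig('email',$id);
- $validated = $customer->getConfig('validated',$id);
+ $email = $helper->getConfig('email',$id);
+ $validated = $helper->getConfig('validated',$id);
  if($email!="" && $validated==1){
  $this->saveConfig('miniorange_2factor_show_configure',1,$id);
  $this->saveConfig('miniorange_2factor_downloaded_app',$params['showDownload'],$id);
@@ -322,11 +339,12 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
  }
 
  public function resendValidationOTPAction(){
+ $helper = Mage::helper('MiniOrange_2factor');
  $customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
- if($customer->is_curl_installed()){
+ if($helper->is_curl_installed()){
  $admin = Mage::getSingleton('admin/session')->getUser();
  $id = $admin->getUserId();
- $email = $customer->getConfig('email',$id);
+ $email = $helper->getConfig('email',$id);
  $content = json_decode($customer->send_otp_token($email,'EMAIL',$this->defaultCustomerKey,$this->defaultApiKey), true); //send otp for verification
  if(strcasecmp($content['status'], 'SUCCESS') == 0){
  Mage::getSingleton('admin/session')->setMytextid($content['txId']);
@@ -393,13 +411,15 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
  }
 
  private function mo2f_create_customer(){
+ $helper = Mage::helper('MiniOrange_2factor');
  $customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
- if($customer->is_curl_installed()){
+ if($helper->is_curl_installed()){
  $admin = Mage::getSingleton('admin/session')->getUser();
  $id = $admin->getUserId();
- $email = $customer->getConfig('email',$id);
- $password = $customer->getConfig('pass',$id);
- $customerKey = json_decode($customer->create_customer($email,'',$password), true);
+ $email = $helper->getConfig('email',$id);
+ $password = $helper->getConfig('pass',$id);
+ $phone = $helper->getConfig('phone',$id);
+ $customerKey = json_decode($customer->create_customer($email,$phone,$password), true);
  if(strcasecmp($customerKey['status'], 'CUSTOMER_USERNAME_ALREADY_EXISTS') == 0) { //admin already exists in miniOrange
  $content = $customer->get_customer_key($email,$password);
  $customerKey = json_decode($content, true);
@@ -407,13 +427,12 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
  $collection = Mage::getModel('admin/user')->getCollection();
  foreach($collection as $item){
  $ids=$item->getData('user_id');
- $this->saveConfig('miniorange_2factor_customer_key',$customerKey['id'],$ids);
- $this->saveConfig('miniorange_2factor_api_key',$customerKey['apiKey'],$ids);
- $this->saveConfig('miniorange_2factor_token',$customerKey['token'],$ids);
- if($ids!=$id){
  $this->saveConfig('miniorange_2factor_validated',0,$ids);
- }
  }
+ $storeConfig = new Mage_Core_Model_Config();
+ $storeConfig ->saveConfig('miniOrange/2factor/customerKey',$customerKey['id'], 'default', 0);
+ $storeConfig ->saveConfig('miniOrange/2factor/apiKey',$customerKey['apiKey'], 'default', 0);
+ $storeConfig ->saveConfig('miniOrange/2factor/2factorToken',$customerKey['token'], 'default', 0);
  $this->saveConfig('miniorange_2factor_pass',"",$id);
  $this->saveConfig('miniorange_2factor_show_otp',0,$id);
  $this->saveConfig('miniorange_2factor_show_configure',1,$id);
@@ -428,13 +447,12 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
  $collection = Mage::getModel('admin/user')->getCollection();
  foreach($collection as $item){
  $ids=$item->getData('user_id');
- $this->saveConfig('miniorange_2factor_customer_key',$customerKey['id'],$ids);
- $this->saveConfig('miniorange_2factor_api_key',$customerKey['apiKey'],$ids);
- $this->saveConfig('miniorange_2factor_token',$customerKey['token'],$ids);
- if($ids!=$id){
- $this->saveConfig('miniorange_2factor_validated',0,$ids);
- }
+ $this->saveConfig('miniorange_2factor_validated',0,$ids);
  }
+ $storeConfig = new Mage_Core_Model_Config();
+ $storeConfig ->saveConfig('miniOrange/2factor/customerKey',$customerKey['id'], 'default', 0);
+ $storeConfig ->saveConfig('miniOrange/2factor/apiKey',$customerKey['apiKey'], 'default', 0);
+ $storeConfig ->saveConfig('miniOrange/2factor/2factorToken',$customerKey['token'], 'default', 0);
  $this->saveConfig('miniorange_2factor_pass',"",$id);
  $this->saveConfig('miniorange_2factor_show_otp',0,$id);
  $this->saveConfig('miniorange_2factor_login',0,$id);
@@ -452,10 +470,10 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
 
 
  private function mo2f_get_qr_code_for_mobile($email,$id){
- $registerMobile = Mage::helper('MiniOrange_2factor/mo2fUtility');
+ $helper = Mage::helper('MiniOrange_2factor');
  $customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
- if($customer->is_curl_installed()){
- $content = $registerMobile->register_mobile($email,$id);
+ if($helper->is_curl_installed()){
+ $content = $customer->register_mobile($email,$id);
  $response = json_decode($content, true);
  if(json_last_error() == JSON_ERROR_NONE) {
  Mage::getSingleton('core/session')->setmo2fqrcode($response['qrCode']);
@@ -485,5 +503,18 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
  }
  }
 
+ /*private function saveSettingsforCustomers($config,$value){
+ $data = array($config=>$value);
+ $collection = Mage::getModel('customer/customer')->getCollection();
+ foreach($collection as $item){
+ $id=$item->getData('entity_id');
+ $model = Mage::getModel('customer/customer')->load($id)->addData($data);
+ try {
+ $model->setId($id)->save();
+ } catch (Exception $e){
+ Mage::log($e->getMessage(), null, 'miniorage_error.log', true);
+ }
+ }
+ }*/
 
  }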
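Review bot: The new `$storeConfig ->saveConfig('miniOrange/2factor/apiKey', ...)` groups in `newUserAction`, `existingUserAction` and both branches of `mo2f_create_customer` write the miniOrange API key and token to default-scope store configuration in plaintext. These values appear to authenticate the plugin's calls to the second-factor service, so they should be stored encrypted, e.g. `$storeConfig->saveConfig('miniOrange/2factor/apiKey', Mage::helper('core')->encrypt($customerKey['apiKey']), 'default', 0);`, with the matching `decrypt()` wherever the helper reads them back. In the `newUserAction` hunk the `$customerKey['id']`, `['apiKey']` and `['token']` entries are used without a visible presence check; the enclosing function continues outside the hunk, so confirm the guard exists there. Separately, the phone number is set and read on `core/session` (`setaddPhone` / `getaddPhone`) but `indexAction` clears it with `Mage::getSingleton('admin/session')->unsaddPhone()`, so it is never removed; the unset should target `core/session`. In `saveLoginSettingsAction`, `$params['customer_activation']` is read without `isset()`, which an unchecked checkbox will leave undefined.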
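--- a/app/code/community/miniOrange/2factor/Helper/Data.php
+++ b/app/code/community/miniOrange/2factor/Helper/Data.php
@@ -1,4 +1,128 @@
  <?php
  class MiniOrange_2factor_Helper_Data extends Mage_Core_Helper_Abstract
  {
+ public $hostname = "https://test.miniorange.com";
+
+ function adminExists($username){
+ $adminuser = Mage::getModel('admin/user');
+ $adminuser->loadByUsername($username);
+ if ($adminuser->getId()){
+ return true;
+ }
+ else{
+ return false;
+ }
+ }
+
+ function getHostURl(){
+ return $this->hostname;
+ }
+
+ function getAdmin($username){
+ $adminuser = Mage::getModel('admin/user');
+ $adminuser->loadByUsername($username);
+ if ($adminuser->getId()){
+ return $adminuser;
+ }
+ else{
+ return;
+ }
+ }
+
+ /*Function to extract config stored in the database*/
+ function getConfig($config,$id){
+ switch($config){
+ case 'isEnabled':
+ $result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_Admin_enable');
+ break;
+ case 'isCustomerEnabled':
+ $result = Mage::getStoreConfig('miniOrange/2factor/customer/enable');
+ break;
+ case 'email':
+ $result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_email');
+ break;
+ case 'pass':
+ $result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_pass');
+ break;
+ case 'customerKey':
+ $result = Mage::getStoreConfig('miniOrange/2factor/customerKey');
+ break;
+ case 'apiKey':
+ $result = Mage::getStoreConfig('miniOrange/2factor/apiKey');
+ break;
+ case 'apiToken':
+ $result = Mage::getStoreConfig('miniOrange/2factor/2factorToken');
+ break;
+ case 'otp':
+ $result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_show_otp');
+ break;
+ case 'qrcode':
+ $result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_show_qr');
+ break;
+ case 'configure':
+ $result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_show_configure');
+ break;
+ case 'validated':
+ $result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_validated');
+ break;
+ case 'login':
+ $result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_login');
+ break;
+ case 'mainAdmin':
+ $result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_admin_registered');
+ break;
+ case 'downloaded':
+ $result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_downloaded_app');
+ break;
+ case 'phone':
+ $result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_phone');
+ break;
+ case 'customer_mobile_configured':
+ $result = Mage::getModel('customer/customer')->load($id)->getData('miniorange_phone');
+ break;
+ case 'customer_phone':
+ $result = Mage::getModel('customer/customer')->load($id)->getData('miniorange_mobileconfigured');
+ break;
+ default:
+ return;
+ break;
+ }
+ return $result;
+ }
+
+ /*Function to show his partial registered email to user*/
+ function showEmail($id){
+ $email = $this->getConfig('email',$id);
+ $emailsize = strlen($email);
+ $partialemail = substr($email,0,1);
+ $temp = strrpos($email,"@");
+ $endemail = substr($email,$temp-1,$emailsize);
+ for($i=1;$i<$temp;$i++){
+ $partialemail = $partialemail . 'x';
+ }
+ $showemail = $partialemail . $endemail;
+
+ return $showemail;
+ }
+
+ /*Function to check if cURL is enabled*/
+ function is_curl_installed() {
+ if (in_array ('curl', get_loaded_extensions())) {
+ return 1;
+ } else
+ return 0;
+ }
+
+ function displayMessage($message,$type){
+ Mage::getSingleton('core/session')->getMessages(true);
+ if(strcasecmp( $type,"SUCCESS") == 0)
+ Mage::getSingleton('core/session')->addSuccess($message);
+ else if(strcasecmp($type,"ERROR") == 0)
+ Mage::getSingleton('core/session')->addError($message);
+ else if(strcasecmp($type,"NOTICE")==0)
+ Mage::getSingleton('core/session')->addNotice($message);
+ else
+ Mage::getSingleton('core/session')->addWarning($message);
+ }
+
  }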
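Review bot: `public $hostname = "https://test.miniorange.com";` points the helper at what looks like a test host, whereas the property removed from `mo2fUtility.php` in this same release was `https://auth.miniorange.com`. For a two-factor plugin the endpoint returned by `getHostURl()` should be the production service or come from configuration, not a hard-coded test value shipped in a release. In `getConfig` the last two cases look swapped: `'customer_mobile_configured'` reads `miniorange_phone` while `'customer_phone'` reads `miniorange_mobileconfigured`. `showEmail` also assumes the stored address contains `@`; when `strrpos` returns `false` the masking loop never runs and `substr($email,$temp-1,$emailsize)` yields only the last character, so a guard such as `if ($temp === false) { return ''; }` would make that case explicit.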
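--- a/app/code/community/miniOrange/2factor/Helper/mo2fUtility.php
+++ b/app/code/community/miniOrange/2factor/Helper/mo2fUtility.php
@@ -25,13 +25,9 @@ class MiniOrange_2factor_Helper_mo2fUtility extends Mage_Core_Helper_Abstract{
 
  public $email;
  public $phone;
- public $hostname = "https://auth.miniorange.com";
+ public $hostname = "https://test.miniorange.com";
  public $pluginName = 'Magento 2 Factor Authentication Plugin';
 
- function getHostURl(){
- return $this->hostname;
- }
-
  function check_customer($email){
  $url = $this->hostname . '/moas/rest/customer/check-if-exists';
  $ch = curl_init( $url );
@@ -290,27 +286,6 @@ class MiniOrange_2factor_Helper_mo2fUtility extends Mage_Core_Helper_Abstract{
  return true;
  }
 
- function adminExists($username){
- $adminuser = Mage::getModel('admin/user');
- $adminuser->loadByUsername($username);
- if ($adminuser->getId()){
- return true;
- }
- else{
- return false;
- }
- }
-
- function getAdmin($username){
- $adminuser = Mage::getModel('admin/user');
- $adminuser->loadByUsername($username);
- if ($adminuser->getId()){
- return $adminuser;
- }
- else{
- return;
- }
- }
 
  function register_mobile($useremail,$id){
  $url = $this->hostname . '/moas/api/auth/register-mobile';
@@ -318,10 +293,10 @@ class MiniOrange_2factor_Helper_mo2fUtility extends Mage_Core_Helper_Abstract{
  $email = $useremail;
 
  /* The customer Key provided to you */
- $customerKey = $this->getConfig('customerKey',$id);
+ $customerKey = Mage::helper('MiniOrange_2factor')->getConfig('customerKey',$id);
 
  /* The customer API Key provided to you */
- $apiKey = $this->getConfig('apiKey',$id);
+ $apiKey = Mage::helper('MiniOrange_2factor')->getConfig('apiKey',$id);
 
  /* Current time in milliseconds since midnight, January 1, 1970 UTC. */
  $currentTimeInMillis = round(microtime(true) * 1000);
@@ -413,76 +388,4 @@ class MiniOrange_2factor_Helper_mo2fUtility extends Mage_Core_Helper_Abstract{
  return $content;
  }
 
- /*Function to extract config stored in the database*/
- function getConfig($config,$id){
- switch($config){
- case 'isEnabled':
- $result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_Admin_enable');
- break;
- case 'email':
- $result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_email');
- break;
- case 'pass':
- $result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_pass');
- break;
- case 'customerKey':
- $result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_customer_key');
- break;
- case 'apiKey':
- $result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_api_key');
- break;
- case 'apiToken':
- $result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_token');
- break;
- case 'otp':
- $result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_show_otp');
- break;
- case 'qrcode':
- $result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_show_qr');
- break;
- case 'configure':
- $result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_show_configure');
- break;
- case 'validated':
- $result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_validated');
- break;
- case 'login':
- $result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_login');
- break;
- case 'mainAdmin':
- $result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_admin_registered');
- break;
- case 'downloaded':
- $result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_downloaded_app');
- break;
- default:
- return;
- break;
- }
- return $result;
- }
-
- /*Function to show his partial registered email to user*/
- function showEmail($id){
- $email = $this->getConfig('email',$id);
- $emailsize = strlen($email);
- $partialemail = substr($email,0,1);
- $temp = strrpos($email,"@");
- $endemail = substr($email,$temp-1,$emailsize);
- for($i=1;$i<$temp;$i++){
- $partialemail = $partialemail . 'x';
- }
- $showemail = $partialemail . $endemail;
-
- return $showemail;
- }
-
- /*Function to check if cURL is enabled*/
- function is_curl_installed() {
- if (in_array ('curl', get_loaded_extensions())) {
- return 1;
- } else
- return 0;
- }
-
  }?>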
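Review bot: The new `public $hostname = "https://test.miniorange.com";` in the first hunk points the helper at what looks like a test environment, replacing `https://auth.miniorange.com` in a build marked stable. Both `check_customer` and `register_mobile` build their URLs from `$this->hostname`, and `register_mobile` reads the customer key and API key just before its request, so second-factor traffic from every install would follow this value. If the switch is not intended, restore the production host or read it from store configuration, and add a comment such as `/* Authentication service base URL; release builds must target production */` above the property. The bodies of both functions continue outside the hunks, so how the keys are sent cannot be confirmed from here.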
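--- a/app/code/community/miniOrange/2factor/Model/Observer.php
+++ b/app/code/community/miniOrange/2factor/Model/Observer.php
@@ -10,6 +10,7 @@ class MiniOrange_2factor_Model_Observer
  $request = Mage::app()->getRequest();
  $session = Mage::getSingleton('adminhtml/session');
  $helper = Mage::helper('MiniOrange_2factor/mo2fUtility');
+ $data = Mage::helper('MiniOrange_2factor');
  if ( $request->getRequestedControllerName() == 'index' && $request->getRequestedActionName() == 'login'){
  $session->unsLoginStatus();
  $session->unsWelcomeMessage();
@@ -29,7 +30,7 @@ class MiniOrange_2factor_Model_Observer
  $user = Mage::getModel('admin/user');
  Mage::getSingleton('adminhtml/session')->getMessages(true);
  if($session->getLoginStatus()!='MO_2_FACTOR_CHALLENGE_AUTHENTICATION'){
- if($helper->adminExists($request->getPost('miniorange-username'))){
+ if($data->adminExists($request->getPost('miniorange-username'))){
  if($user->authenticate($request->getPost('miniorange-username'),$request->getPost('miniorange-password'))){
  $useragent = $_SERVER['HTTP_USER_AGENT'];
  if(strpos($useragent,'Mobi') !== false){
@@ -42,11 +43,11 @@ class MiniOrange_2factor_Model_Observer
  else{
  $admin = $user->login($request->getPost('miniorange-username'), $request->getPost('miniorange-password'));
  $id = $admin->getUserId();
- if($helper->getConfig('isEnabled',$id)==1){
- $apiKey = $helper->getConfig('apiKey',$id);
- $customerKey = $helper->getConfig('customerKey',$id);
- $showemail = $helper->showEmail($id);
- $content = $helper->send_otp_token($helper->getConfig('email',$id),'MOBILE AUTHENTICATION', $customerKey, $apiKey);
+ if($data->getConfig('isEnabled',$id)==1){
+ $apiKey = $data->getConfig('apiKey',$id);
+ $customerKey = $data->getConfig('customerKey',$id);
+ $showemail = $data->showEmail($id);
+ $content = $helper->send_otp_token($data->getConfig('email',$id),'MOBILE AUTHENTICATION', $customerKey, $apiKey);
  $response = json_decode($content, true);
  if(json_last_error() == JSON_ERROR_NONE){
  $session->setLoginUsername($request->getPost('miniorange-username'));
@@ -73,9 +74,9 @@ class MiniOrange_2factor_Model_Observer
  if( $request->getPost('softtoken')!=null){
  $user = Mage::getModel('admin/user')->login($session->getLoginUsername(),$session->getLoginPassword());
  $id = $user->getUserId();
- $email = $helper->getConfig('email',$id);
- $customerKey = $helper->getConfig('customerKey',$id);
- $apiKey = $helper->getConfig('apiKey',$id);
+ $email = $data->getConfig('email',$id);
+ $customerKey = $data->getConfig('customerKey',$id);
+ $apiKey = $data->getConfig('apiKey',$id);
  $content = $helper->validate_otp_token('SOFT TOKEN',$email, null, $request->getPost('softtoken'), $customerKey, $apiKey);
  $response = json_decode($content, true);
  if(strcasecmp($response['status'], 'FAILED') != 0){
@@ -107,9 +108,9 @@ class MiniOrange_2factor_Model_Observer
  if(!$session->getshowforgotphone()){
  $user = Mage::getModel('admin/user')->login($session->getLoginUsername(),$session->getLoginPassword());
  $id = $user->getUserId();
- $email = $helper->getConfig('email',$id);
- $customerKey = $helper->getConfig('customerKey',$id);
- $apiKey = $helper->getConfig('apiKey',$id);
+ $email = $data->getConfig('email',$id);
+ $customerKey = $data->getConfig('customerKey',$id);
+ $apiKey = $data->getConfig('apiKey',$id);
  $response = json_decode($helper->send_otp_token($email,'EMAIL',$customerKey,$apiKey), true);
  if(strcasecmp($response['status'], 'SUCCESS') == 0){
  $session->setOTPtxtId($response['txId']);
@@ -128,9 +129,9 @@ class MiniOrange_2factor_Model_Observer
  $user = Mage::getModel('admin/user')->login($session->getLoginUsername(),$session->getLoginPassword());
  $id = $user->getUserId();
  if( $request->getPost('forgotPhoneOtp')!=null){
- $email = $helper->getConfig('email',$id);
- $customerKey = $helper->getConfig('customerKey',$id);
- $apiKey = $helper->getConfig('apiKey',$id);
+ $email = $data->getConfig('email',$id);
+ $customerKey = $data->getConfig('customerKey',$id);
+ $apiKey = $data->getConfig('apiKey',$id);
  $content = $helper->validate_otp_token('EMAIL',$email, $session->getOTPtxtId(), $request->getPost('forgotPhoneOtp'), $customerKey, $apiKey);
  $response = json_decode($content, true);
  if(strcasecmp($response['status'], 'FAILED') != 0){
@@ -183,4 +184,61 @@ class MiniOrange_2factor_Model_Observer
  Mage::dispatchEvent('admin_session_user_login_success',array('user'=>$user));
  }
 
+
+ //-----------------//
+ public function customerLogin(Varien_Event_Observer $observer){
+ $request = Mage::app()->getRequest();
+ $session = Mage::getSingleton('customer/session');
+ $session->setBeforeAuthUrl(Mage::getUrl('twofactorauth/Index/configureTwoFactorPage'));
+ }
+
+
+ public function customerAuthenticateAfter(Varien_Event_Observer $observer){
+ if(Mage::getSingleton('core/session')->getValidationMessage()!=""){
+ Mage::getSingleton('core/session')->unsValidationMessage();
+ throw Mage::exception('Mage_Core','Authentication Failed! Please try again!',2);
+ }
+
+ if (Mage::helper('MiniOrange_2factor')->getConfig('isCustomerEnabled') && Mage::helper('MiniOrange_2factor')->getConfig('miniorange_mobileconfigured')) {
+ $redirectUrl = Mage::getModel('core/url')->getUrl('twofactorauth/Index/validationPage');
+ $session = Mage::getSingleton('customer/session');
+ $session->setOriginalAfterAuthUrl($session->getAfterAuthUrl());
+ $session->setAfterAuthUrl($redirectUrl);
+ }
+ else{
+ Mage::helper('MiniOrange_2factor')->displayMessage('Admin has Enabled Two Factor Authentication for your account. Please configure your account below.','NOTICE');
+ return $this;
+ }
+
+ /*$customer = $observer->getEvent()->getModel();
+ $request = Mage::app()->getRequest();
+ if ( $request->getRequestedControllerName() == 'account' && $request->getRequestedActionName() == 'loginPost'){
+ $request->setControllerName('Index')
+ ->setModuleName('twofactorauth')
+ ->setActionName('validationPage')
+ ->setDispatched(false);
+
+ }*/
+ }
+
+
+ /*
+ @ This is used along with <controller_action_layout_generate_blocks_before> event to get details about the controller and action being called.
+ public function logCompiledLayout($o){
+ $req = Mage::app()->getRequest();
+ $info = sprintf(
+ "\nRequest: %s\nFull Action Name: %s_%s_%s\nHandles:\n\t%s\nUpdate XML:\n%s",
+ $req->getRouteName(),
+ $req->getRequestedRouteName(), //full action name 1/3
+ $req->getRequestedControllerName(), //full action name 2/3
+ $req->getRequestedActionName(), //full action name 3/3
+ implode("\n\t",$o->getLayout()->getUpdate()->getHandles()),
+ $o->getLayout()->getUpdate()->asString()
+ );
+
+ // Force logging to var/log/layout.log
+ Mage::log($info, Zend_Log::INFO, 'layout.log', true);
+ }
+ */
+
  }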
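Review bot: In the added `customerAuthenticateAfter` the second-factor check appears to fail open. `getConfig('isCustomerEnabled')` and `getConfig('miniorange_mobileconfigured')` are called without an id, and `miniorange_mobileconfigured` is not among the customer keys visible in the helper's switch on this page (`customer_mobile_configured`, `customer_phone`), so if the call reaches `default: return;` the condition is always false. The else branch then only queues a notice and returns, so the customer is never sent to `twofactorauth/Index/validationPage`. The helper's signature and earlier cases are outside this view, so confirm the key names and pass the id of the customer being authenticated, for example `getConfig('customer_mobile_configured', $customerId)`, and handle "enabled but not yet configured" as its own case. The two commented-out blocks added at the end of the class are better dropped than shipped.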
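--- a/app/code/community/miniOrange/2factor/sql/MiniOrange_2factor_setup/mysql4-install-0.0.1.php
+++ b/app/code/community/miniOrange/2factor/sql/MiniOrange_2factor_setup/mysql4-install-0.0.1.php
@@ -5,16 +5,10 @@ $installer = $this;
 
  $installer->startSetup();
 
- /**
- * Add yubikey field to table 'admin/user'
- */
  $installer->getConnection()->addColumn($this->getTable('admin/user'), 'miniorange_2factor_email', 'varchar(128) null');
  $installer->getConnection()->addColumn($this->getTable('admin/user'), 'miniorange_2factor_pass', 'varchar(100) null');
  $installer->getConnection()->addColumn($this->getTable('admin/user'), 'miniorange_2factor_phone', 'varchar(60) null');
  $installer->getConnection()->addColumn($this->getTable('admin/user'), 'miniorange_2factor_Admin_enable', 'int null');
- $installer->getConnection()->addColumn($this->getTable('admin/user'), 'miniorange_2factor_customer_key', 'varchar(25) null');
- $installer->getConnection()->addColumn($this->getTable('admin/user'), 'miniorange_2factor_api_key', 'varchar(50) null');
- $installer->getConnection()->addColumn($this->getTable('admin/user'), 'miniorange_2factor_token', 'varchar(50) null');
  $installer->getConnection()->addColumn($this->getTable('admin/user'), 'miniorange_2factor_show_otp', 'int null');
  $installer->getConnection()->addColumn($this->getTable('admin/user'), 'miniorange_2factor_show_qr', 'int null');
  $installer->getConnection()->addColumn($this->getTable('admin/user'), 'miniorange_2factor_show_configure', 'int null');
@@ -23,4 +17,5 @@ $installer->getConnection()->addColumn($this->getTable('admin/user'), 'miniorang
  $installer->getConnection()->addColumn($this->getTable('admin/user'), 'miniorange_2factor_admin_registered', 'int null');
  $installer->getConnection()->addColumn($this->getTable('admin/user'), 'miniorange_2factor_downloaded_app', 'int null');
 
+
  $installer->endSetup();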
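Review bot: Dropping the `miniorange_2factor_customer_key`, `miniorange_2factor_api_key` and `miniorange_2factor_token` columns by editing the already released install script `mysql4-install-0.0.1.php` leaves the schema different between old and new installs. An install script normally runs only once per site, so sites that installed 1.0.2 would keep the three columns, along with any keys and tokens stored in them, while new installs never create them. No upgrade script is visible in this part of the page; if these values now live elsewhere, an upgrade script should migrate them and then clear or drop the old columns. The removed header comment mentioned yubikey; a replacement such as `/* Add miniOrange 2-factor fields to table 'admin/user' */` would keep the block documented.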
app/design/adminhtml/default/default/template/miniorange_2factor/login.phtml CHANGED
@@ -58,7 +58,7 @@
58
  </script>
59
  <script>
60
  var poll="<?php echo Mage::getSingleton('adminhtml/session')->getWelcomeMessage() ?>";if(poll=="1"){var $t=jQuery.noConflict();var timeout;function pollMobileValidation()
61
- {var transId="<?php echo Mage::getSingleton('adminhtml/session')->getLogintxtId() ?>";var jsonString="{\"txId\":\""+transId+"\"}";var postUrl="<?php echo Mage::helper('MiniOrange_2factor/mo2fUtility')->getHostURl()?>/moas/api/auth/auth-status";$t.ajax({url:postUrl,type:"POST",dataType:"json",data:jsonString,contentType:"application/json; charset=utf-8",success:function(result){var status=JSON.parse(JSON.stringify(result)).status;if(status=='SUCCESS'){var content="<div id='success'><center><img src='"+"<?php echo Mage::getBaseUrl(Mage_Core_Model_Store::URL_TYPE_SKIN).'adminhtml/default/default/images/MiniOrange_2factor/right.png'; ?>"+"'/></center></div>";$t("#showQrCode").empty();$t("#showQrCode").append(content);setTimeout(function(){$t("#QrCode").hide();$t("#features").hide();$t("#progressBar").show();$t("#mobile_validation_form").submit();},1000);}else if(status=='ERROR'||status=='FAILED'){var content="<div id='error'><center><img src='"+"<?php echo Mage::getBaseUrl(Mage_Core_Model_Store::URL_TYPE_SKIN).'adminhtml/default/default/images/MiniOrange_2factor/wrong.png'; ?>"+"' /></center></div>";$t("#showQrCode").empty();$t("#features").hide();$t("#showQrCode").append(content);setTimeout(function(){$t('#backto_mo_loginform').submit();},1000);}else{timeout=setTimeout(pollMobileValidation,3000);}}});}
62
  pollMobileValidation();}
63
  </script>
64
  <script>
58
  </script>
59
  <script>
60
  var poll="<?php echo Mage::getSingleton('adminhtml/session')->getWelcomeMessage() ?>";if(poll=="1"){var $t=jQuery.noConflict();var timeout;function pollMobileValidation()
61
+ {var transId="<?php echo Mage::getSingleton('adminhtml/session')->getLogintxtId() ?>";var jsonString="{\"txId\":\""+transId+"\"}";var postUrl="<?php echo Mage::helper('MiniOrange_2factor')->getHostURl()?>/moas/api/auth/auth-status";$t.ajax({url:postUrl,type:"POST",dataType:"json",data:jsonString,contentType:"application/json; charset=utf-8",success:function(result){var status=JSON.parse(JSON.stringify(result)).status;if(status=='SUCCESS'){var content="<div id='success'><center><img src='"+"<?php echo Mage::getBaseUrl(Mage_Core_Model_Store::URL_TYPE_SKIN).'adminhtml/default/default/images/MiniOrange_2factor/right.png'; ?>"+"'/></center></div>";$t("#showQrCode").empty();$t("#showQrCode").append(content);setTimeout(function(){$t("#QrCode").hide();$t("#features").hide();$t("#progressBar").show();$t("#mobile_validation_form").submit();},1000);}else if(status=='ERROR'||status=='FAILED'){var content="<div id='error'><center><img src='"+"<?php echo Mage::getBaseUrl(Mage_Core_Model_Store::URL_TYPE_SKIN).'adminhtml/default/default/images/MiniOrange_2factor/wrong.png'; ?>"+"' /></center></div>";$t("#showQrCode").empty();$t("#features").hide();$t("#showQrCode").append(content);setTimeout(function(){$t('#backto_mo_loginform').submit();},1000);}else{timeout=setTimeout(pollMobileValidation,3000);}}});}
62
  pollMobileValidation();}
63
  </script>
64
  <script>
app/design/adminhtml/default/default/template/miniorange_2factor/mo2fConfig.phtml CHANGED
@@ -9,9 +9,9 @@
9
  <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script>
10
  <script src="http://miniorange.com/js/intlTelInput.min.js"></script>
11
  <script>
12
- var $m = jQuery.noConflict();
13
- $m(document).ready(function() {
14
- $m("#phone").intlTelInput();$email="<?php echo $this->getConfig('email')?>";$showotp="<?php echo $this->getConfig('otp')?>";$showqr="<?php echo $this->getConfig('qrcode')?>";$configure="<?php echo $this->getConfig('configure')?>";$showlogin="<?php echo $this->getConfig('login')?>";$validated="<?php echo $this->getConfig('validated')?>";$downloaded="<?php echo $this->getConfig('downloaded')?>";$OTPsent="<?php echo Mage::getSingleton('admin/session')->getOTPsent();?>";$showloginsettings="<?php echo Mage::getSingleton('admin/session')->getshowLoginSettings(); ?>";$success='<?php echo Mage::getSingleton('core/session')->getSuccessMessage(); ?>';$error='<?php echo Mage::getSingleton('core/session')->getErrorMessage(); ?>';if($email==""){if($OTPsent!=""){$error="An error occured while saving your registration details. Please Flush you Magento Cache. [ <a id='preview9' href='#slider6'>Click Here</a> for a preview. ]"}}
15
  if($error!=""){$m(".error-msg span").empty();$m(".error-msg span").append($error);$m(".mini-messages li").css("display","block");$m(".success-msg").css("display","none");}
16
  if($success!=""){$m(".success-msg span").empty();$m(".success-msg span").append($success);$m(".mini-messages li").css("display","block");$m(".error-msg").css("display","none");}
17
  if($showotp==0&&$email!=""){$m("#account_setup").css("display","none");if($configure==1){$m("#configuremobile").css("display","block");voiddisplay("#configuremobile");setactive('configure_mobile');}else if($showloginsettings==1){$m("#login_settings").css("display","block");voiddisplay("#loginsettings");setactive('login_settings');$m("#displayQrCode").hide();$m("#configureMobileButton").css("display","block");}else{$m("#user_profile").css("display","block");voiddisplay("#userprofile");setactive('user_profile');$m("#displayQrCode").hide();$m("#configureMobileButton").css("display","block");}}else{if($showlogin==1){$m("#account_setup").css("display","block");$m("#already_registered").css("display","block");$m("#register_miniorange").css("display","none");voiddisplay("#accountsetup");$m("#user_profile").css("display","none");setactive('account_setup');}else if($validated==0&&$validated!=""){$m("#account_setup").css("display","block");$m("#additional_admin").css("display","block");$m("#register_miniorange").css("display","none");voiddisplay("#accountsetup");$m("#user_profile").css("display","none");setactive('account_setup');}else{$m("#account_setup").css("display","block");$m("#already_registered").css("display","none");$m("#register_miniorange").css("display","block");voiddisplay("#accountsetup");$m("#user_profile").css("display","none");setactive('account_setup');}}
@@ -145,7 +145,7 @@ $m(document).ready(function() {
145
  <table class="table">
146
  <tr>
147
  <td><b><font color="#FF0000">*</font>Email:</b></td>
148
- <td><input class="" type="email" name="additional_email" autofocus="true" required placeholder="person@example.com" style="width:400px;" value="<?php echo $current_user->user_email;?>"/></td>
149
  </tr>
150
  <tr>
151
  <td><b><font color="#FF0000">*</font>Phone number:</b></td>
@@ -255,12 +255,14 @@ $m(document).ready(function() {
255
  <div class="page" id="loginsettings">
256
  <div class="mo2f_table_layout">
257
  <div><h3>Login Settings</h3><hr></div>
258
- <form name="f" method="post" action="<?php echo $this->getadminurl('*/*/enableAdmin') ?>">
259
- <input type="hidden" name="form_key" value="<?php echo Mage::getSingleton('core/session')->getFormKey(); ?>" />
260
  <input type="hidden" name="form_key" value="<?php echo Mage::getSingleton('core/session')->getFormKey(); ?>" />
261
  <input type="checkbox" id="mo2f_adminrole_activation" name="adminrole_activation" value="1" <?php echo $this->isEnabled(); ?> /><b>Enable 2-Factor for admins.</b>
262
  <div style="margin-left:4%;"><b>Note:</b> This option is checked by default. It will enable 2-Factor only for admins, other users can still login with their password.<p>[ <a id="preview4" href="#slider2">Click Here</a> for a preview. ]</p></div>
263
  <br>
 
 
 
264
  <div class="button-align"><input type="submit" name="submit" value="Save Settings" class="button button-primary button-large" /></div>
265
  </form>
266
  </div>
@@ -278,7 +280,7 @@ $m(document).ready(function() {
278
  <div class="control_next"><img src='<?php echo $this->getImage('arrow') ?>' /></div>
279
  <div class="control_prev"><img src='<?php echo $this->getImage('arrow') ?>' /></div>
280
  <ul>
281
- <li><img style="height: 90%;" src='<?php echo $this->getImage('register') ?>' /></li>
282
  <li><img style="width: 90%; position: relative; top: 25%;" src='<?php echo $this->getImage('otp') ?>' /></li>
283
  <li><img style="width: 90%; position: relative;top: 15%;" src='<?php echo $this->getImage('clickconfiguremobile') ?>' /></li>
284
  <li><img style="height: 75%; position: relative; top: 12%;" src='<?php echo $this->getImage('scanqr') ?>' /></li>
@@ -482,7 +484,7 @@ $m(document).ready(function() {
482
  </td>
483
  </tr>
484
  <tr><td>
485
- <input type="text" class="mo2f_table_textbox" name="query_phone" id="query_phone" title="Phone with country code eg. +1xxxxxxxxxx" placeholder="Phone with country code eg. +1xxxxxxxxxx" value="" pattern="[\+]?[0-9]{1,4}\s?[0-9]{10}"/>
486
  </td>
487
  </tr>
488
  <tr>
9
  <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script>
10
  <script src="http://miniorange.com/js/intlTelInput.min.js"></script>
11
  <script>
12
+ var $m = jQuery.noConflict();
13
+ $m(document).ready(function() {
14
+ $m("#phone").intlTelInput();$m("#query_phone").intlTelInput();$m("#additional_phone").intlTelInput();$email="<?php echo $this->getConfig('email')?>";$showotp="<?php echo $this->getConfig('otp')?>";$showqr="<?php echo $this->getConfig('qrcode')?>";$configure="<?php echo $this->getConfig('configure')?>";$showlogin="<?php echo $this->getConfig('login')?>";$validated="<?php echo $this->getConfig('validated')?>";$downloaded="<?php echo $this->getConfig('downloaded')?>";$OTPsent="<?php echo Mage::getSingleton('admin/session')->getOTPsent();?>";$showloginsettings="<?php echo Mage::getSingleton('admin/session')->getshowLoginSettings(); ?>";$success='<?php echo Mage::getSingleton('core/session')->getSuccessMessage(); ?>';$error='<?php echo Mage::getSingleton('core/session')->getErrorMessage(); ?>';if($email==""){if($OTPsent!=""){$error="An error occured while saving your registration details. Please Flush you Magento Cache. [ <a id='preview9' href='#slider6'>Click Here</a> for a preview. ]"}}
15
  if($error!=""){$m(".error-msg span").empty();$m(".error-msg span").append($error);$m(".mini-messages li").css("display","block");$m(".success-msg").css("display","none");}
16
  if($success!=""){$m(".success-msg span").empty();$m(".success-msg span").append($success);$m(".mini-messages li").css("display","block");$m(".error-msg").css("display","none");}
17
  if($showotp==0&&$email!=""){$m("#account_setup").css("display","none");if($configure==1){$m("#configuremobile").css("display","block");voiddisplay("#configuremobile");setactive('configure_mobile');}else if($showloginsettings==1){$m("#login_settings").css("display","block");voiddisplay("#loginsettings");setactive('login_settings');$m("#displayQrCode").hide();$m("#configureMobileButton").css("display","block");}else{$m("#user_profile").css("display","block");voiddisplay("#userprofile");setactive('user_profile');$m("#displayQrCode").hide();$m("#configureMobileButton").css("display","block");}}else{if($showlogin==1){$m("#account_setup").css("display","block");$m("#already_registered").css("display","block");$m("#register_miniorange").css("display","none");voiddisplay("#accountsetup");$m("#user_profile").css("display","none");setactive('account_setup');}else if($validated==0&&$validated!=""){$m("#account_setup").css("display","block");$m("#additional_admin").css("display","block");$m("#register_miniorange").css("display","none");voiddisplay("#accountsetup");$m("#user_profile").css("display","none");setactive('account_setup');}else{$m("#account_setup").css("display","block");$m("#already_registered").css("display","none");$m("#register_miniorange").css("display","block");voiddisplay("#accountsetup");$m("#user_profile").css("display","none");setactive('account_setup');}}
145
  <table class="table">
146
  <tr>
147
  <td><b><font color="#FF0000">*</font>Email:</b></td>
148
+ <td><input class="" type="email" name="additional_email" autofocus="true" required placeholder="person@example.com" style="width:400px;" value=""/></td>
149
  </tr>
150
  <tr>
151
  <td><b><font color="#FF0000">*</font>Phone number:</b></td>
255
  <div class="page" id="loginsettings">
256
  <div class="mo2f_table_layout">
257
  <div><h3>Login Settings</h3><hr></div>
258
+ <form name="f" method="post" action="<?php echo $this->getadminurl('*/*/saveLoginSettings') ?>">
 
259
  <input type="hidden" name="form_key" value="<?php echo Mage::getSingleton('core/session')->getFormKey(); ?>" />
260
  <input type="checkbox" id="mo2f_adminrole_activation" name="adminrole_activation" value="1" <?php echo $this->isEnabled(); ?> /><b>Enable 2-Factor for admins.</b>
261
  <div style="margin-left:4%;"><b>Note:</b> This option is checked by default. It will enable 2-Factor only for admins, other users can still login with their password.<p>[ <a id="preview4" href="#slider2">Click Here</a> for a preview. ]</p></div>
262
  <br>
263
+ <!--<input type="checkbox" id="mo2f_customer_activation" name="customer_activation" value="1" <?php echo $this->isCustomerEnabled(); ?> /><b>Enable 2-Factor for Customers.</b>
264
+ <div style="margin-left:4%;"><b>Note:</b> This will enable 2-Factor for your customers.</div>
265
+ <br>-->
266
  <div class="button-align"><input type="submit" name="submit" value="Save Settings" class="button button-primary button-large" /></div>
267
  </form>
268
  </div>
280
  <div class="control_next"><img src='<?php echo $this->getImage('arrow') ?>' /></div>
281
  <div class="control_prev"><img src='<?php echo $this->getImage('arrow') ?>' /></div>
282
  <ul>
283
+ <li><img style="height: 87%;" src='<?php echo $this->getImage('register') ?>' /></li>
284
  <li><img style="width: 90%; position: relative; top: 25%;" src='<?php echo $this->getImage('otp') ?>' /></li>
285
  <li><img style="width: 90%; position: relative;top: 15%;" src='<?php echo $this->getImage('clickconfiguremobile') ?>' /></li>
286
  <li><img style="height: 75%; position: relative; top: 12%;" src='<?php echo $this->getImage('scanqr') ?>' /></li>
484
  </td>
485
  </tr>
486
  <tr><td>
487
+ <input type="text" class="mo2f_table_textbox" name="query_phone" id="query_phone" title="Phone with country code eg. +1xxxxxxxxxx" placeholder="Phone with country code eg. +1xxxxxxxxxx" value="<?php echo $this->getConfig('phone')?>" pattern="[\+]?[0-9]{1,4}\s?[0-9]{10}"/>
488
  </td>
489
  </tr>
490
  <tr>
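Review bot: The new `value="<?php echo $this->getConfig('phone')?>"` on the `query_phone` input writes a stored value into an HTML attribute without escaping, so a phone value containing a double quote would break out of the attribute on this admin page. Escape it at output, `value="<?php echo $this->escapeHtml($this->getConfig('phone')) ?>"`, and apply the same to the values echoed into the script strings on line 14. In the login-settings hunk, the customer checkbox is disabled with an HTML comment only, so `<?php echo $this->isCustomerEnabled(); ?>` still runs on every render and its output is sent to the browser. Remove the block, or wrap it in a PHP comment until the customer feature ships.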
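--- a/package.xml
+++ b/package.xml
@@ -1,55 +1,72 @@
 <?xml version="1.0"?>
 <package>
 <name>miniOrange_2factor</name>
-<version>1.0.2</version>
+<version>1.0.3</version>
 <stability>stable</stability>
 <license uri="http://www.gnu.org/licenses/gpl-2.0.html">GNU General Public License (GPL)</license>
 <channel>community</channel>
 <extends/>
 <summary>Enable Two Factor Authentication (2FA)- Supports QR code, Soft token, otp over sms).</summary>
-<description>A highly secure &amp;amp; easy to setup Two-Factor Authentication for your Magento site. miniOrange Two Factor authentication combines something you know, or something you have (smartphone) to reliably confirm your identity. &#xD;
-&#xD;
-&lt;p&gt;Rather than relying on a password alone, which can be phished or guessed, miniOrange Two Factor authentication adds a second layer of security to your Magento accounts.&lt;/p&gt;&#xD;
-&#xD;
-&lt;p&gt;Currently the extension supports:&#xD;
-&lt;br /&gt;* It works for administrators.&#xD;
-&lt;br /&gt;* You can set up your two factor in minutes.&#xD;
-&lt;br /&gt;* Both iPhone and Android phones are supported.&#xD;
-&lt;br /&gt;* If your phone is lost or stolen or discharged, it offers an alternate login method.&#xD;
-&lt;br /&gt;* If your phone is offline, you can use a one time passcode generated by app to login.&lt;/p&gt;&#xD;
-&#xD;
-&#xD;
-&lt;p&gt;Feature phone, landline and two factor for frontend are also supported. You need to contact info@miniorange.com to enable it.&#xD;
-Trusted Device, Location, Time of access and user behavior is also supported. You need to enable this by contacting info@miniorange.com&lt;/p&gt;&#xD;
-&#xD;
-&lt;p&gt;miniOrange supports 15+ authentication methods. For a complete list of authentication methods please visit http://miniorange.com/strong_auth . If you want to have any other 2-factor for your Magento site, &lt;a href="http://miniorange.com/contact"&gt;Contact us&lt;/a&gt;.&lt;/p&gt;&#xD;
-&#xD;
-&lt;p&gt;* One time passcodes (OTP) over SMS&#xD;
-&lt;br /&gt;* OTP over Email&#xD;
-&lt;br /&gt;* OTP over SMS and Email&#xD;
-&lt;br /&gt;* Out of Band SMS&#xD;
-&lt;br /&gt;* Out of Band Email&#xD;
-&lt;br /&gt;* Soft Token&#xD;
-&lt;br /&gt;* Push Notification&#xD;
-&lt;br /&gt;* USB based Hardware token (&lt;b&gt;yubico&lt;/b&gt;)&#xD;
-&lt;br /&gt;* Security Questions&#xD;
-&lt;br /&gt;* Mobile Authentication&#xD;
-&lt;br /&gt;* Voice Authentication (Biometrics)&#xD;
-&lt;br /&gt;* Phone Verification&#xD;
-&lt;br /&gt;* Device Identification&#xD;
-&lt;br /&gt;* Location&#xD;
-&lt;br /&gt;* Time of Access&#xD;
-&lt;br /&gt;* User Behavior&lt;/p&gt;&#xD;
-&#xD;
-&lt;p&gt;You can choose from any of the above authentication methods to augment your password based authentication. miniOrange authentication service works with all phone types, from landlines to smart-phone platforms.&lt;/p&gt;&#xD;
-&#xD;
-&lt;p&gt;For support please email us at info@miniorange.com or call us at +1 978 658 9387&lt;/p&gt;</description>
-<notes>1.0.2&#xD;
-== Bug Fix ==</notes>
+<description>Two-Factor Authentication ( 2 Factor Authentication )&#xD;
+&#xD;
+Why Two-Factor?&#xD;
+&#xD;
+For any application- Identity is the perimeter that needs to be protected better!. Currently this protection is through a password. But passwords aren't enough. 76% of breaches exploit stolen credentials&#xD;
+&#xD;
+Too many passwords to remember, makes it a nightmare for users&#xD;
+Passwords are easily lost, stolen, guessed.&#xD;
+People use the same password for many accounts&#xD;
+So every time you login into your Web site there is a chance that someone is sniffing or logging the password, which can later be used to login to your store. Clearly passwords are not enough for protecting your store. &#xD;
+&#xD;
+Use Two-Factor Authentication&#xD;
+&#xD;
+The most practical way to strengthen authentication is to require a second factor after the username/password stage. Since a password is something that you know, ensuring that the you can thwart attackers that steal or gain access to your password.&#xD;
+miniOrange Two-Factor Authentication Overview&#xD;
+&#xD;
+miniOrange Two-Factor Authentication provides a highly secure &amp; easy to setup Two-Factor Authentication for your Magento store. Rather than relying on a password alone, which can be phished or guessed, miniOrange Two Factor authentication adds a second layer of security to your Magento store. You can protect your store by using miniOrange Two Factor authentication, which combines something you know or something you have (smartphone) to reliably confirm your identity.&#xD;
+&#xD;
+Features/Benefits&#xD;
+&#xD;
+Secure login into your Magento backend&#xD;
+With miniOrange Two-Factor Authentication you can can:&#xD;
+&#xD;
+Securely login using our miniOrange Authenticator app&#xD;
+Both iPhone and Android phones are supported.&#xD;
+If your phone is lost or stolen or discharged, it offers an alternate login method.&#xD;
+If your phone is offline, you can use a one time passcode (soft token) generated by app to login.&#xD;
+The code generated are time based and keep changin every 30 seconds so even if someone knows your password, they will not be able to login to your backend.&#xD;
+Choose 15+ different authentication methods&#xD;
+* One time passcodes (OTP) over SMS &#xD;
+* OTP over Email &#xD;
+* OTP over SMS and Email &#xD;
+* Out of Band SMS &#xD;
+* Out of Band Email &#xD;
+* Soft Token &#xD;
+* Push Notification &#xD;
+* USB based Hardware token (yubico) &#xD;
+* Security Questions &#xD;
+* Mobile Authentication &#xD;
+* Voice Authentication (Biometrics) &#xD;
+* Phone Verification &#xD;
+* Device Identification &#xD;
+* Location &#xD;
+* Time of Access &#xD;
+* User Behavior&#xD;
+&#xD;
+Feature phone, landline are also supported. You need to contact info@miniorange.com to enable it. Trusted Device, Location, Time of access and user behavior is also supported. You need to enable this by contacting info@miniorange.com&#xD;
+&#xD;
+For a complete list of authentication methods please visit http://miniorange.com/strong_auth . If you want to have any other 2-factor for your Magento site, Contact us.&lt;/p&gt;&#xD;
+You can choose from any of the above authentication methods to augment your password based authentication. miniOrange authentication service works with all phone types, from landlines to smart-phone platforms.&#xD;
+&#xD;
+Contact Us&#xD;
+&#xD;
+For support please email us at info@miniorange.com or call us at +1 978 658 9387</description>
+<notes>==1.0.3==&#xD;
+Bug fixes</notes>
 <authors><author><name>miniOrange inc.</name><user>miniOrange</user><email>info@miniorange.com</email></author></authors>
-<date>2015-08-21</date>
-<time>07:46:19</time>
-<contents><target name="magecommunity"><dir name="miniOrange"><dir name="2factor"><dir name="Block"><file name="mo2fConfig.php" hash="b8bdfeda5b75c15f9ddbcae5adaaa413"/></dir><dir name="Controllers"><dir name="Adminhtml"><file name="IndexController.php" hash="e36c45ea8d719d643a24dbca1787e7ca"/><dir name="Login"><file name="miniOrangeController.php" hash="78d1f305733dc764a87229ea4646a479"/></dir></dir></dir><dir name="Helper"><file name="Data.php" hash="34cbc1036639606723524e411926e15c"/><file name="mo2fUtility.php" hash="d01340877a2b6d9cdc49922582ee54a6"/></dir><dir name="Model"><file name="Observer.php" hash="9943902d65c40ba35052e5a027a1ca75"/><file name="Words.php" hash="ee26cc8582d5bbad5632a6e02129f815"/></dir><dir name="etc"><file name="adminhtml.xml" hash="955f9f87d1a5df39eea9fd69379af0ee"/><file name="config.xml" hash="749ad39ccb5acb5637b0a264c9d8be8a"/></dir><dir name="sql"><dir name="MiniOrange_2factor_setup"><file name="mysql4-install-0.0.1.php" hash="1a05fb90202ca98975ac396006178dec"/></dir></dir></dir></dir></target><target name="magedesign"><dir name="adminhtml"><dir name="default"><dir name="default"><dir name="layout"><file name="miniorange_2factor_admin.xml" hash="49671205b07f54681d1f93fec9ee4d67"/></dir><dir name="template"><dir name="miniorange_2factor"><file name="login.phtml" hash="06b1788d232f30e62aadb273bda634f5"/><file name="mo2fConfig.phtml" hash="c7a52e80c2069f08907cf4722d425d90"/></dir></dir></dir></dir></dir></target><target name="mageetc"><dir name="modules"><file name="miniorange_2factor.xml" hash="609cb91239fb4a89f64ae28d4b5b5398"/></dir></target><target name="mageskin"><dir name="adminhtml"><dir name="default"><dir name="default"><dir name="images"><dir name="MiniOrange_2factor"><file name="appstore.png" hash="1ac5eb0f971fd8cbeac4d3e4449cd9f0"/><file name="arrow.png" hash="47bdba61de621d8ca74c16f6dd5b6565"/><file name="authenticate.png" hash="052bcae5504f3a9c61365ecf8ab0c4e7"/><file name="authvalidate.png" hash="a01eaf3a0002b3e7115813fd4e4efe1a"/><file name="cachesetting.png" hash="15942adf97c0d48abdf2c583c94eb4f5"/><file name="clickconfiguremobile.png" hash="3ee49ca9596e3ad507d66aca43466ea3"/><file name="clickconfiguremobile2.png" hash="fc0ff15007ea57e3ceef75235056dc88"/><file name="configurefirsttime.png" hash="c6982bcd3f70080d893e3da11d2a77d8"/><file name="configuremobile.png" hash="013d6599af7a31fb53a895d877ab1ffe"/><file name="forgot-phone.png" hash="64cfe82547e4db88d025346477025cfe"/><file name="forgotphone.png" hash="4272645ec478f1479fc3dc56df5dd89b"/><file name="loggedin.png" hash="70cc5cad9c475ef9420aa3d70bc43102"/><file name="login1.png" hash="c0dce259d0e2e84957ba77c6e2e78abb"/><file name="login2.png" hash="99e2c32c2fd5f9c9acf6a8002e1d44ac"/><file name="login3.png" hash="305c7bbdb97da888970b7225641757f0"/><file name="loginsettings.png" hash="811b9792a0e47f7e483d01a7ded0ccd0"/><file name="mail.png" hash="751f9588f2e2aac3ec47a6b0ebb2fa4d"/><file name="miniorange_logo.png" hash="b1cd21c2deeb5f199fb55de487bf950b"/><file name="mobileconfigurebutton.png" hash="747a6057cd50099e1cb3b5041320bd85"/><file name="mobilescan.png" hash="dec68c53b12944a45140d909af803fdd"/><file name="mobilesuccess.png" hash="d977fd41088cf0677f33e77de13da56c"/><file name="otp.png" hash="74dc1d7644af2013d256852d26bc920b"/><file name="phone-offline.png" hash="81b25f8125b13fd4d96c23a6fa84574e"/><file name="playStore.png" hash="fbca6f8b28d05c3bcd833965289a20c2"/><file name="processing.png" hash="56b1a14bd1558354250a7a232a4d16e7"/><file name="register.png" hash="37be41049f1d79215322a8cf908bf7b3"/><file name="right.png" hash="2321d72c95ee1fd5708199f56f213136"/><file name="savecache.png" hash="cf686304f47b080ec98930be8bb0f869"/><file name="scanqr.png" hash="dc4c1d070d9b336c790cd2d1d5315ee6"/><file name="sendingotp.png" hash="28c93249e717916d0f3c974b1cd2af7d"/><file name="settings.png" hash="a3e0382615d3f19f5a0dab4d4accbf2d"/><file name="softokenmobile.png" hash="624d589cdfa031df456e25a2ff034e63"/><file name="softtoken.png" hash="804bd9b0a3a600e6f349a6aa4ea00899"/><file name="sync.png" hash="8fffca24e6184fc3f9af8e20feac430b"/><file name="wrong.png" hash="6bd49538f79c4722610c5535f38213af"/></dir></dir></dir></dir></dir></target></contents>
+<date>2015-08-26</date>
+<time>12:09:56</time>
+<contents><target name="magecommunity"><dir name="miniOrange"><dir name="2factor"><dir name="Block"><file name="mo2fConfig.php" hash="c186ecae80ba3945783d95712165f26a"/></dir><dir name="Controllers"><dir name="Adminhtml"><file name="IndexController.php" hash="acef2dddf89298d518291c3cdbfd2d48"/><dir name="Login"><file name="miniOrangeController.php" hash="78d1f305733dc764a87229ea4646a479"/></dir></dir></dir><dir name="Helper"><file name="Data.php" hash="f7f6df87285ca0ac36ba34dcfb6ee225"/><file name="mo2fUtility.php" hash="e00199e2e2bf3d0f34c73d801345cb28"/></dir><dir name="Model"><file name="Observer.php" hash="b14c81c7622df4d1ea2276e0d46e36d0"/><file name="Words.php" hash="ee26cc8582d5bbad5632a6e02129f815"/></dir><dir name="etc"><file name="adminhtml.xml" hash="955f9f87d1a5df39eea9fd69379af0ee"/><file name="config.xml" hash="749ad39ccb5acb5637b0a264c9d8be8a"/></dir><dir name="sql"><dir name="MiniOrange_2factor_setup"><file name="mysql4-install-0.0.1.php" hash="d48e85b9510d3a29784e75315b3c8ae4"/></dir></dir></dir></dir></target><target name="magedesign"><dir name="adminhtml"><dir name="default"><dir name="default"><dir name="layout"><file name="miniorange_2factor_admin.xml" hash="49671205b07f54681d1f93fec9ee4d67"/></dir><dir name="template"><dir name="miniorange_2factor"><file name="login.phtml" hash="36f8b7177bafaf4e916b1d9e5f382e50"/><file name="mo2fConfig.phtml" hash="335e3975d294f4f39666913bdbe031fc"/></dir></dir></dir></dir></dir></target><target name="mageetc"><dir name="modules"><file name="miniorange_2factor.xml" hash="609cb91239fb4a89f64ae28d4b5b5398"/></dir></target><target name="mageskin"><dir name="adminhtml"><dir name="default"><dir name="default"><dir name="images"><dir name="MiniOrange_2factor"><file name="appstore.png" hash="1ac5eb0f971fd8cbeac4d3e4449cd9f0"/><file name="arrow.png" hash="47bdba61de621d8ca74c16f6dd5b6565"/><file name="authenticate.png" hash="052bcae5504f3a9c61365ecf8ab0c4e7"/><file name="authvalidate.png" hash="a01eaf3a0002b3e7115813fd4e4efe1a"/><file name="cachesetting.png" hash="15942adf97c0d48abdf2c583c94eb4f5"/><file name="clickconfiguremobile.png" hash="3ee49ca9596e3ad507d66aca43466ea3"/><file name="clickconfiguremobile2.png" hash="fc0ff15007ea57e3ceef75235056dc88"/><file name="configurefirsttime.png" hash="c6982bcd3f70080d893e3da11d2a77d8"/><file name="configuremobile.png" hash="013d6599af7a31fb53a895d877ab1ffe"/><file name="forgot-phone.png" hash="64cfe82547e4db88d025346477025cfe"/><file name="forgotphone.png" hash="4272645ec478f1479fc3dc56df5dd89b"/><file name="loggedin.png" hash="70cc5cad9c475ef9420aa3d70bc43102"/><file name="login1.png" hash="c0dce259d0e2e84957ba77c6e2e78abb"/><file name="login2.png" hash="99e2c32c2fd5f9c9acf6a8002e1d44ac"/><file name="login3.png" hash="305c7bbdb97da888970b7225641757f0"/><file name="loginsettings.png" hash="811b9792a0e47f7e483d01a7ded0ccd0"/><file name="mail.png" hash="751f9588f2e2aac3ec47a6b0ebb2fa4d"/><file name="miniorange_logo.png" hash="b1cd21c2deeb5f199fb55de487bf950b"/><file name="mobileconfigurebutton.png" hash="747a6057cd50099e1cb3b5041320bd85"/><file name="mobilescan.png" hash="dec68c53b12944a45140d909af803fdd"/><file name="mobilesuccess.png" hash="d977fd41088cf0677f33e77de13da56c"/><file name="otp.png" hash="74dc1d7644af2013d256852d26bc920b"/><file name="phone-offline.png" hash="81b25f8125b13fd4d96c23a6fa84574e"/><file name="playStore.png" hash="fbca6f8b28d05c3bcd833965289a20c2"/><file name="processing.png" hash="56b1a14bd1558354250a7a232a4d16e7"/><file name="register.png" hash="37be41049f1d79215322a8cf908bf7b3"/><file name="right.png" hash="2321d72c95ee1fd5708199f56f213136"/><file name="savecache.png" hash="cf686304f47b080ec98930be8bb0f869"/><file name="scanqr.png" hash="dc4c1d070d9b336c790cd2d1d5315ee6"/><file name="sendingotp.png" hash="28c93249e717916d0f3c974b1cd2af7d"/><file name="settings.png" hash="a3e0382615d3f19f5a0dab4d4accbf2d"/><file name="softokenmobile.png" hash="624d589cdfa031df456e25a2ff034e63"/><file name="softtoken.png" hash="804bd9b0a3a600e6f349a6aa4ea00899"/><file name="sync.png" hash="8fffca24e6184fc3f9af8e20feac430b"/><file name="wrong.png" hash="6bd49538f79c4722610c5535f38213af"/></dir></dir></dir></dir></dir></target></contents>
 <compatible/>
 <dependencies><required><php><min>5.3.10</min><max>5.6.11</max></php><extension><name>curl</name><min>7.40.0</min><max>7.44.0</max></extension></required></dependencies>
 </package>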