Version Notes
==1.0.3==
Bug fixes
Release Info
Developer | miniOrange inc. |
Extension | miniOrange_2factor |
Version | 1.0.3 |
Code changes from version 1.0.2 to 1.0.3
- app/code/community/miniOrange/2factor/Block/mo2fConfig.php +25 -8
- app/code/community/miniOrange/2factor/Controllers/Adminhtml/IndexController.php +89 -58
- app/code/community/miniOrange/2factor/Helper/Data.php +124 -0
- app/code/community/miniOrange/2factor/Helper/mo2fUtility.php +3 -100
- app/code/community/miniOrange/2factor/Model/Observer.php +73 -15
- app/code/community/miniOrange/2factor/sql/MiniOrange_2factor_setup/mysql4-install-0.0.1.php +1 -6
- app/design/adminhtml/default/default/template/miniorange_2factor/login.phtml +1 -1
- app/design/adminhtml/default/default/template/miniorange_2factor/mo2fConfig.phtml +10 -8
- package.xml +60 -43
app/code/community/miniOrange/2factor/Block/mo2fConfig.php
CHANGED
@@ -3,7 +3,7 @@ class MiniOrange_2factor_Block_mo2fConfig extends Mage_Core_Block_Template{
|
|
3 |
|
4 |
|
5 |
public function isEnabled(){
|
6 |
-
$customer = Mage::helper('MiniOrange_2factor
|
7 |
$admin = Mage::getSingleton('admin/session')->getUser();
|
8 |
$id = $admin->getUserId();
|
9 |
if($customer->getConfig('isEnabled',$id)==1){
|
@@ -23,7 +23,7 @@ class MiniOrange_2factor_Block_mo2fConfig extends Mage_Core_Block_Template{
|
|
23 |
}
|
24 |
|
25 |
public function getHostURl(){
|
26 |
-
return Mage::helper('MiniOrange_2factor
|
27 |
}
|
28 |
|
29 |
public function getqrCode(){
|
@@ -44,8 +44,17 @@ class MiniOrange_2factor_Block_mo2fConfig extends Mage_Core_Block_Template{
|
|
44 |
}
|
45 |
}
|
46 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
47 |
public function showEmail(){
|
48 |
$admin = Mage::getSingleton('admin/session')->getUser();
|
|
|
49 |
$id = $admin->getUserId();
|
50 |
return $customer->showEmail($id);
|
51 |
}
|
@@ -67,27 +76,35 @@ class MiniOrange_2factor_Block_mo2fConfig extends Mage_Core_Block_Template{
|
|
67 |
return $url.'adminhtml/default/default/images/MiniOrange_2factor/'.$image.'.png';
|
68 |
}
|
69 |
|
70 |
-
public function
|
71 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
72 |
}
|
73 |
|
74 |
public function getConfig($config,$id=""){
|
75 |
-
$customer = Mage::helper('MiniOrange_2factor
|
76 |
if($id!=""){
|
77 |
return $customer->getConfig($config,$id);
|
78 |
}
|
79 |
-
else{
|
80 |
$admin = Mage::getSingleton('admin/session')->getUser();
|
81 |
$id = $admin->getUserId();
|
82 |
return $customer->getConfig($config,$id);
|
83 |
}
|
|
|
|
|
|
|
84 |
}
|
85 |
|
86 |
public function cURLEnabled(){
|
87 |
-
$customer = Mage::helper('MiniOrange_2factor
|
88 |
return $customer->is_curl_installed();
|
89 |
}
|
90 |
|
91 |
|
92 |
-
|
93 |
}
|
3 |
|
4 |
|
5 |
public function isEnabled(){
|
6 |
+
$customer = Mage::helper('MiniOrange_2factor');
|
7 |
$admin = Mage::getSingleton('admin/session')->getUser();
|
8 |
$id = $admin->getUserId();
|
9 |
if($customer->getConfig('isEnabled',$id)==1){
|
23 |
}
|
24 |
|
25 |
public function getHostURl(){
|
26 |
+
return Mage::helper('MiniOrange_2factor')->getHostURl();
|
27 |
}
|
28 |
|
29 |
public function getqrCode(){
|
44 |
}
|
45 |
}
|
46 |
|
47 |
+
public function getCurrentUser(){
|
48 |
+
if (Mage::getSingleton('customer/session')->isLoggedIn()) {
|
49 |
+
$customer = Mage::getSingleton('customer/session')->getCustomer();
|
50 |
+
return $customer->getEmail();
|
51 |
+
}
|
52 |
+
return;
|
53 |
+
}
|
54 |
+
|
55 |
public function showEmail(){
|
56 |
$admin = Mage::getSingleton('admin/session')->getUser();
|
57 |
+
$customer = Mage::helper('MiniOrange_2factor');
|
58 |
$id = $admin->getUserId();
|
59 |
return $customer->showEmail($id);
|
60 |
}
|
76 |
return $url.'adminhtml/default/default/images/MiniOrange_2factor/'.$image.'.png';
|
77 |
}
|
78 |
|
79 |
+
public function isCustomerEnabled(){
|
80 |
+
$customer = Mage::helper('MiniOrange_2factor');
|
81 |
+
if($customer->getConfig('isCustomerEnabled','')==1){
|
82 |
+
return 'checked';
|
83 |
+
}
|
84 |
+
else{
|
85 |
+
return '';
|
86 |
+
}
|
87 |
}
|
88 |
|
89 |
public function getConfig($config,$id=""){
|
90 |
+
$customer = Mage::helper('MiniOrange_2factor');
|
91 |
if($id!=""){
|
92 |
return $customer->getConfig($config,$id);
|
93 |
}
|
94 |
+
else if( !Mage::getSingleton('customer/session')->isLoggedIn() ) {
|
95 |
$admin = Mage::getSingleton('admin/session')->getUser();
|
96 |
$id = $admin->getUserId();
|
97 |
return $customer->getConfig($config,$id);
|
98 |
}
|
99 |
+
else{
|
100 |
+
return $customer->getConfig($config,$id);
|
101 |
+
}
|
102 |
}
|
103 |
|
104 |
public function cURLEnabled(){
|
105 |
+
$customer = Mage::helper('MiniOrange_2factor');
|
106 |
return $customer->is_curl_installed();
|
107 |
}
|
108 |
|
109 |
|
|
|
110 |
}
|
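Review bot: In `getConfig()`, the new final `else` branch (reached when a customer session is logged in and no `$id` was passed) calls `$customer->getConfig($config,$id)` with `$id` still the empty string, so the per-user keys in the helper load a record with an empty id and return null. Callers such as `isEnabled()` compare the result with `==1`, so a failed lookup is indistinguishable from "two-factor disabled". Resolve the id before the lookup, for example `$id = Mage::getSingleton('customer/session')->getCustomerId();`, return early when it is empty, and restrict that branch to the customer-scoped keys so an admin record is never loaded by a customer id. The admin branch also calls `$admin->getUserId()` without checking that `getUser()` returned a user, which fails outright if this block is rendered without an admin session.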
app/code/community/miniOrange/2factor/Controllers/Adminhtml/IndexController.php
CHANGED
@@ -4,22 +4,24 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
|
|
4 |
{
|
5 |
private $defaultCustomerKey = "16352";
|
6 |
private $defaultApiKey = "AJG97LGpOVVwFUuuPSij5IH6Kvlu6qEj";
|
7 |
-
|
8 |
public function indexAction(){
|
9 |
-
|
10 |
-
|
11 |
-
|
12 |
-
|
13 |
-
|
14 |
-
|
15 |
-
|
|
|
16 |
}
|
17 |
|
18 |
|
19 |
public function newUserAction(){
|
20 |
$params = $this->getRequest()->getParams();
|
|
|
21 |
$customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
|
22 |
-
if($
|
23 |
$email = $params['email'];
|
24 |
Mage::getSingleton('admin/session')->setEnteredEmail($email);
|
25 |
$password = $params['password'];
|
@@ -61,14 +63,12 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
|
|
61 |
$collection = Mage::getModel('admin/user')->getCollection();
|
62 |
foreach($collection as $item){
|
63 |
$ids=$item->getData('user_id');
|
64 |
-
$this->saveConfig('miniorange_2factor_customer_key',$customerKey['id'],$ids);
|
65 |
-
$this->saveConfig('miniorange_2factor_api_key',$customerKey['apiKey'],$ids);
|
66 |
-
$this->saveConfig('miniorange_2factor_token',$customerKey['token'],$ids);
|
67 |
-
$this->saveConfig('miniorange_2factor_admin_registered',$id,$ids);
|
68 |
-
if($ids!=$id){
|
69 |
$this->saveConfig('miniorange_2factor_validated',0,$ids);
|
70 |
-
}
|
71 |
}
|
|
|
|
|
|
|
|
|
72 |
$this->saveConfig('miniorange_2factor_pass',"",$id);
|
73 |
$this->saveConfig('miniorange_2factor_show_otp',0,$id);
|
74 |
$this->saveConfig('miniorange_2factor_show_configure',1,$id);
|
@@ -80,6 +80,7 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
|
|
80 |
else{
|
81 |
$this->saveConfig('miniorange_2factor_login',"1",$id);
|
82 |
$this->displayMessage('Invalid Credentials',"ERROR");
|
|
|
83 |
$this->redirect("miniorange_2factor/adminhtml_index/index");
|
84 |
}
|
85 |
}
|
@@ -93,8 +94,9 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
|
|
93 |
|
94 |
public function validateNewUserAction(){
|
95 |
$params = $this->getRequest()->getParams();
|
|
|
96 |
$customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
|
97 |
-
if($
|
98 |
$admin = Mage::getSingleton('admin/session')->getUser();
|
99 |
$id = $admin->getUserId();
|
100 |
$otp = $params['otp'];
|
@@ -105,7 +107,7 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
|
|
105 |
$content = json_decode($customer->validate_otp_token( 'EMAIL', null, $transactionId , $otp , $this->defaultCustomerKey, $this->defaultApiKey),true);
|
106 |
|
107 |
if(strcasecmp($content['status'], 'SUCCESS') == 0) { //OTP validated and generate QRCode
|
108 |
-
$adminregistered = $
|
109 |
if($adminregistered!="" && $adminregistered==$id){
|
110 |
$this->mo2f_create_customer();
|
111 |
}
|
@@ -139,11 +141,13 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
|
|
139 |
|
140 |
public function existingUserAction(){
|
141 |
$params = $this->getRequest()->getParams();
|
|
|
142 |
$customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
|
143 |
-
if($
|
144 |
$email = $params['loginemail'];
|
145 |
Mage::getSingleton('admin/session')->setEnteredEmail($email);
|
146 |
$password = $params['loginpassword'];
|
|
|
147 |
$submit = $params['submit'];
|
148 |
$admin = Mage::getSingleton('admin/session')->getUser();
|
149 |
$id = $admin->getUserId();
|
@@ -152,16 +156,16 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
|
|
152 |
$customerKey = json_decode($content, true);
|
153 |
if(json_last_error() == JSON_ERROR_NONE) {
|
154 |
$this->saveConfig('miniorange_2factor_email',$email,$id);
|
|
|
155 |
$collection = Mage::getModel('admin/user')->getCollection();
|
156 |
foreach($collection as $item){
|
157 |
$ids=$item->getData('user_id');
|
158 |
-
$this->saveConfig('miniorange_2factor_customer_key',$customerKey['id'],$ids);
|
159 |
-
$this->saveConfig('miniorange_2factor_api_key',$customerKey['apiKey'],$ids);
|
160 |
-
$this->saveConfig('miniorange_2factor_token',$customerKey['token'],$ids);
|
161 |
-
if($ids!=$id){
|
162 |
$this->saveConfig('miniorange_2factor_validated',0,$ids);
|
163 |
-
}
|
164 |
}
|
|
|
|
|
|
|
|
|
165 |
$this->saveConfig('miniorange_2factor_pass',"",$id);
|
166 |
$this->saveConfig('miniorange_2factor_show_otp',0,$id);
|
167 |
$this->saveConfig('miniorange_2factor_show_configure',1,$id);
|
@@ -194,8 +198,9 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
|
|
194 |
|
195 |
public function additionalAdminAction(){
|
196 |
$params = $this->getRequest()->getParams();
|
|
|
197 |
$customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
|
198 |
-
if($
|
199 |
$email = $params['additional_email'];
|
200 |
$phone = $params['additional_phone'];
|
201 |
$admin = Mage::getSingleton('admin/session')->getUser();
|
@@ -224,27 +229,36 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
|
|
224 |
}
|
225 |
}
|
226 |
|
227 |
-
public function
|
|
|
228 |
$customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
|
229 |
-
if($
|
230 |
$admin = Mage::getSingleton('admin/session')->getUser();
|
231 |
$id = $admin->getUserId();
|
232 |
$params = $this->getRequest()->getParams();
|
233 |
-
$email = $
|
234 |
-
$validated = $
|
235 |
-
$showqr = $
|
236 |
Mage::getSingleton('admin/session')->setshowLoginSettings(1);
|
237 |
if($email!="" && $validated==1){
|
238 |
if($showqr==0){
|
239 |
-
$
|
240 |
-
|
|
|
241 |
$this->saveConfig('miniorange_2factor_Admin_enable',1,$id);
|
242 |
-
$this->displayMessage('Enabled Two Factor for Admin',"SUCCESS");
|
243 |
}
|
244 |
else{
|
245 |
$this->saveConfig('miniorange_2factor_Admin_enable',0,$id);
|
246 |
-
$this->displayMessage('Disabled Two Factor for Admin',"ERROR");
|
247 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
248 |
$this->redirect("miniorange_2factor/adminhtml_index/index");
|
249 |
}
|
250 |
else{
|
@@ -264,8 +278,9 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
|
|
264 |
}
|
265 |
|
266 |
public function supportSubmitAction(){
|
|
|
267 |
$customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
|
268 |
-
if($
|
269 |
$params = $this->getRequest()->getParams();
|
270 |
$user = Mage::getSingleton('admin/session')->getUser();
|
271 |
$customer->submit_contact_us($params['query_email'], $params['query_phone'], $params['query'], $user);
|
@@ -280,8 +295,9 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
|
|
280 |
|
281 |
|
282 |
public function registrationSuccessAction(){
|
|
|
283 |
$customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
|
284 |
-
if($
|
285 |
$admin = Mage::getSingleton('admin/session')->getUser();
|
286 |
$id = $admin->getUserId();
|
287 |
$url = Mage::helper("adminhtml")->getUrl('adminhtml/index/logout');
|
@@ -298,13 +314,14 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
|
|
298 |
}
|
299 |
|
300 |
public function showQRCodeAction(){
|
|
|
301 |
$customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
|
302 |
-
if($
|
303 |
$params = $this->getRequest()->getParams();
|
304 |
$admin = Mage::getSingleton('admin/session')->getUser();
|
305 |
$id = $admin->getUserId();
|
306 |
-
$email = $
|
307 |
-
$validated = $
|
308 |
if($email!="" && $validated==1){
|
309 |
$this->saveConfig('miniorange_2factor_show_configure',1,$id);
|
310 |
$this->saveConfig('miniorange_2factor_downloaded_app',$params['showDownload'],$id);
|
@@ -322,11 +339,12 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
|
|
322 |
}
|
323 |
|
324 |
public function resendValidationOTPAction(){
|
|
|
325 |
$customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
|
326 |
-
if($
|
327 |
$admin = Mage::getSingleton('admin/session')->getUser();
|
328 |
$id = $admin->getUserId();
|
329 |
-
$email = $
|
330 |
$content = json_decode($customer->send_otp_token($email,'EMAIL',$this->defaultCustomerKey,$this->defaultApiKey), true); //send otp for verification
|
331 |
if(strcasecmp($content['status'], 'SUCCESS') == 0){
|
332 |
Mage::getSingleton('admin/session')->setMytextid($content['txId']);
|
@@ -393,13 +411,15 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
|
|
393 |
}
|
394 |
|
395 |
private function mo2f_create_customer(){
|
|
|
396 |
$customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
|
397 |
-
if($
|
398 |
$admin = Mage::getSingleton('admin/session')->getUser();
|
399 |
$id = $admin->getUserId();
|
400 |
-
$email = $
|
401 |
-
$password = $
|
402 |
-
$
|
|
|
403 |
if(strcasecmp($customerKey['status'], 'CUSTOMER_USERNAME_ALREADY_EXISTS') == 0) { //admin already exists in miniOrange
|
404 |
$content = $customer->get_customer_key($email,$password);
|
405 |
$customerKey = json_decode($content, true);
|
@@ -407,13 +427,12 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
|
|
407 |
$collection = Mage::getModel('admin/user')->getCollection();
|
408 |
foreach($collection as $item){
|
409 |
$ids=$item->getData('user_id');
|
410 |
-
$this->saveConfig('miniorange_2factor_customer_key',$customerKey['id'],$ids);
|
411 |
-
$this->saveConfig('miniorange_2factor_api_key',$customerKey['apiKey'],$ids);
|
412 |
-
$this->saveConfig('miniorange_2factor_token',$customerKey['token'],$ids);
|
413 |
-
if($ids!=$id){
|
414 |
$this->saveConfig('miniorange_2factor_validated',0,$ids);
|
415 |
-
}
|
416 |
}
|
|
|
|
|
|
|
|
|
417 |
$this->saveConfig('miniorange_2factor_pass',"",$id);
|
418 |
$this->saveConfig('miniorange_2factor_show_otp',0,$id);
|
419 |
$this->saveConfig('miniorange_2factor_show_configure',1,$id);
|
@@ -428,13 +447,12 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
|
|
428 |
$collection = Mage::getModel('admin/user')->getCollection();
|
429 |
foreach($collection as $item){
|
430 |
$ids=$item->getData('user_id');
|
431 |
-
$this->saveConfig('
|
432 |
-
$this->saveConfig('miniorange_2factor_api_key',$customerKey['apiKey'],$ids);
|
433 |
-
$this->saveConfig('miniorange_2factor_token',$customerKey['token'],$ids);
|
434 |
-
if($ids!=$id){
|
435 |
-
$this->saveConfig('miniorange_2factor_validated',0,$ids);
|
436 |
-
}
|
437 |
}
|
|
|
|
|
|
|
|
|
438 |
$this->saveConfig('miniorange_2factor_pass',"",$id);
|
439 |
$this->saveConfig('miniorange_2factor_show_otp',0,$id);
|
440 |
$this->saveConfig('miniorange_2factor_login',0,$id);
|
@@ -452,10 +470,10 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
|
|
452 |
|
453 |
|
454 |
private function mo2f_get_qr_code_for_mobile($email,$id){
|
455 |
-
$
|
456 |
$customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
|
457 |
-
if($
|
458 |
-
$content = $
|
459 |
$response = json_decode($content, true);
|
460 |
if(json_last_error() == JSON_ERROR_NONE) {
|
461 |
Mage::getSingleton('core/session')->setmo2fqrcode($response['qrCode']);
|
@@ -485,5 +503,18 @@ class MiniOrange_2factor_Adminhtml_IndexController extends Mage_Adminhtml_Contro
|
|
485 |
}
|
486 |
}
|
487 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
488 |
|
489 |
}
|
4 |
{
|
5 |
private $defaultCustomerKey = "16352";
|
6 |
private $defaultApiKey = "AJG97LGpOVVwFUuuPSij5IH6Kvlu6qEj";
|
7 |
+
|
8 |
public function indexAction(){
|
9 |
+
$this->loadLayout();
|
10 |
+
$this->renderLayout();
|
11 |
+
Mage::getSingleton('core/session')->unsErrorMessage();
|
12 |
+
Mage::getSingleton('core/session')->unsSuccessMessage();
|
13 |
+
Mage::getSingleton('admin/session')->unsshowLoginSettings();
|
14 |
+
Mage::getSingleton('admin/session')->unsOTPsent();
|
15 |
+
Mage::getSingleton('admin/session')->unsEnteredEmail();
|
16 |
+
Mage::getSingleton('admin/session')->unsaddPhone();
|
17 |
}
|
18 |
|
19 |
|
20 |
public function newUserAction(){
|
21 |
$params = $this->getRequest()->getParams();
|
22 |
+
$helper = Mage::helper('MiniOrange_2factor');
|
23 |
$customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
|
24 |
+
if($helper->is_curl_installed()){
|
25 |
$email = $params['email'];
|
26 |
Mage::getSingleton('admin/session')->setEnteredEmail($email);
|
27 |
$password = $params['password'];
|
63 |
$collection = Mage::getModel('admin/user')->getCollection();
|
64 |
foreach($collection as $item){
|
65 |
$ids=$item->getData('user_id');
|
|
|
|
|
|
|
|
|
|
|
66 |
$this->saveConfig('miniorange_2factor_validated',0,$ids);
|
|
|
67 |
}
|
68 |
+
$storeConfig = new Mage_Core_Model_Config();
|
69 |
+
$storeConfig ->saveConfig('miniOrange/2factor/customerKey',$customerKey['id'], 'default', 0);
|
70 |
+
$storeConfig ->saveConfig('miniOrange/2factor/apiKey',$customerKey['apiKey'], 'default', 0);
|
71 |
+
$storeConfig ->saveConfig('miniOrange/2factor/2factorToken',$customerKey['token'], 'default', 0);
|
72 |
$this->saveConfig('miniorange_2factor_pass',"",$id);
|
73 |
$this->saveConfig('miniorange_2factor_show_otp',0,$id);
|
74 |
$this->saveConfig('miniorange_2factor_show_configure',1,$id);
|
80 |
else{
|
81 |
$this->saveConfig('miniorange_2factor_login',"1",$id);
|
82 |
$this->displayMessage('Invalid Credentials',"ERROR");
|
83 |
+
Mage::getSingleton('core/session')->setaddPhone($phone);
|
84 |
$this->redirect("miniorange_2factor/adminhtml_index/index");
|
85 |
}
|
86 |
}
|
94 |
|
95 |
public function validateNewUserAction(){
|
96 |
$params = $this->getRequest()->getParams();
|
97 |
+
$helper = Mage::helper('MiniOrange_2factor');
|
98 |
$customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
|
99 |
+
if($helper->is_curl_installed()){
|
100 |
$admin = Mage::getSingleton('admin/session')->getUser();
|
101 |
$id = $admin->getUserId();
|
102 |
$otp = $params['otp'];
|
107 |
$content = json_decode($customer->validate_otp_token( 'EMAIL', null, $transactionId , $otp , $this->defaultCustomerKey, $this->defaultApiKey),true);
|
108 |
|
109 |
if(strcasecmp($content['status'], 'SUCCESS') == 0) { //OTP validated and generate QRCode
|
110 |
+
$adminregistered = $helper->getConfig('mainAdmin',$id);
|
111 |
if($adminregistered!="" && $adminregistered==$id){
|
112 |
$this->mo2f_create_customer();
|
113 |
}
|
141 |
|
142 |
public function existingUserAction(){
|
143 |
$params = $this->getRequest()->getParams();
|
144 |
+
$helper = Mage::helper('MiniOrange_2factor');
|
145 |
$customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
|
146 |
+
if($helper->is_curl_installed()){
|
147 |
$email = $params['loginemail'];
|
148 |
Mage::getSingleton('admin/session')->setEnteredEmail($email);
|
149 |
$password = $params['loginpassword'];
|
150 |
+
$phone = Mage::getSingleton('core/session')->getaddPhone();
|
151 |
$submit = $params['submit'];
|
152 |
$admin = Mage::getSingleton('admin/session')->getUser();
|
153 |
$id = $admin->getUserId();
|
156 |
$customerKey = json_decode($content, true);
|
157 |
if(json_last_error() == JSON_ERROR_NONE) {
|
158 |
$this->saveConfig('miniorange_2factor_email',$email,$id);
|
159 |
+
$this->saveConfig('miniorange_2factor_phone',$phone,$id);
|
160 |
$collection = Mage::getModel('admin/user')->getCollection();
|
161 |
foreach($collection as $item){
|
162 |
$ids=$item->getData('user_id');
|
|
|
|
|
|
|
|
|
163 |
$this->saveConfig('miniorange_2factor_validated',0,$ids);
|
|
|
164 |
}
|
165 |
+
$storeConfig = new Mage_Core_Model_Config();
|
166 |
+
$storeConfig ->saveConfig('miniOrange/2factor/customerKey',$customerKey['id'], 'default', 0);
|
167 |
+
$storeConfig ->saveConfig('miniOrange/2factor/apiKey',$customerKey['apiKey'], 'default', 0);
|
168 |
+
$storeConfig ->saveConfig('miniOrange/2factor/2factorToken',$customerKey['token'], 'default', 0);
|
169 |
$this->saveConfig('miniorange_2factor_pass',"",$id);
|
170 |
$this->saveConfig('miniorange_2factor_show_otp',0,$id);
|
171 |
$this->saveConfig('miniorange_2factor_show_configure',1,$id);
|
198 |
|
199 |
public function additionalAdminAction(){
|
200 |
$params = $this->getRequest()->getParams();
|
201 |
+
$helper = Mage::helper('MiniOrange_2factor');
|
202 |
$customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
|
203 |
+
if($helper->is_curl_installed()){
|
204 |
$email = $params['additional_email'];
|
205 |
$phone = $params['additional_phone'];
|
206 |
$admin = Mage::getSingleton('admin/session')->getUser();
|
229 |
}
|
230 |
}
|
231 |
|
232 |
+
public function saveLoginSettingsAction(){
|
233 |
+
$helper = Mage::helper('MiniOrange_2factor');
|
234 |
$customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
|
235 |
+
if($helper->is_curl_installed()){
|
236 |
$admin = Mage::getSingleton('admin/session')->getUser();
|
237 |
$id = $admin->getUserId();
|
238 |
$params = $this->getRequest()->getParams();
|
239 |
+
$email = $helper->getConfig('email',$id);
|
240 |
+
$validated = $helper->getConfig('validated',$id);
|
241 |
+
$showqr = $helper->getConfig('configure',$id);
|
242 |
Mage::getSingleton('admin/session')->setshowLoginSettings(1);
|
243 |
if($email!="" && $validated==1){
|
244 |
if($showqr==0){
|
245 |
+
$value1 = $params['adminrole_activation'];
|
246 |
+
$value2 = $params['customer_activation'];
|
247 |
+
if($value1==1){
|
248 |
$this->saveConfig('miniorange_2factor_Admin_enable',1,$id);
|
|
|
249 |
}
|
250 |
else{
|
251 |
$this->saveConfig('miniorange_2factor_Admin_enable',0,$id);
|
|
|
252 |
}
|
253 |
+
if($value2==1){
|
254 |
+
$storeConfig = new Mage_Core_Model_Config();
|
255 |
+
$storeConfig ->saveConfig('miniOrange/2factor/customer/enable','1', 'default', 0);
|
256 |
+
}
|
257 |
+
else{
|
258 |
+
$storeConfig = new Mage_Core_Model_Config();
|
259 |
+
$storeConfig ->saveConfig('miniOrange/2factor/customer/enable','0', 'default', 0);
|
260 |
+
}
|
261 |
+
$this->displayMessage('Settings Saved.',"SUCCESS");
|
262 |
$this->redirect("miniorange_2factor/adminhtml_index/index");
|
263 |
}
|
264 |
else{
|
278 |
}
|
279 |
|
280 |
public function supportSubmitAction(){
|
281 |
+
$helper = Mage::helper('MiniOrange_2factor');
|
282 |
$customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
|
283 |
+
if($helper->is_curl_installed()){
|
284 |
$params = $this->getRequest()->getParams();
|
285 |
$user = Mage::getSingleton('admin/session')->getUser();
|
286 |
$customer->submit_contact_us($params['query_email'], $params['query_phone'], $params['query'], $user);
|
295 |
|
296 |
|
297 |
public function registrationSuccessAction(){
|
298 |
+
$helper = Mage::helper('MiniOrange_2factor');
|
299 |
$customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
|
300 |
+
if($helper->is_curl_installed()){
|
301 |
$admin = Mage::getSingleton('admin/session')->getUser();
|
302 |
$id = $admin->getUserId();
|
303 |
$url = Mage::helper("adminhtml")->getUrl('adminhtml/index/logout');
|
314 |
}
|
315 |
|
316 |
public function showQRCodeAction(){
|
317 |
+
$helper = Mage::helper('MiniOrange_2factor');
|
318 |
$customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
|
319 |
+
if($helper->is_curl_installed()){
|
320 |
$params = $this->getRequest()->getParams();
|
321 |
$admin = Mage::getSingleton('admin/session')->getUser();
|
322 |
$id = $admin->getUserId();
|
323 |
+
$email = $helper->getConfig('email',$id);
|
324 |
+
$validated = $helper->getConfig('validated',$id);
|
325 |
if($email!="" && $validated==1){
|
326 |
$this->saveConfig('miniorange_2factor_show_configure',1,$id);
|
327 |
$this->saveConfig('miniorange_2factor_downloaded_app',$params['showDownload'],$id);
|
339 |
}
|
340 |
|
341 |
public function resendValidationOTPAction(){
|
342 |
+
$helper = Mage::helper('MiniOrange_2factor');
|
343 |
$customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
|
344 |
+
if($helper->is_curl_installed()){
|
345 |
$admin = Mage::getSingleton('admin/session')->getUser();
|
346 |
$id = $admin->getUserId();
|
347 |
+
$email = $helper->getConfig('email',$id);
|
348 |
$content = json_decode($customer->send_otp_token($email,'EMAIL',$this->defaultCustomerKey,$this->defaultApiKey), true); //send otp for verification
|
349 |
if(strcasecmp($content['status'], 'SUCCESS') == 0){
|
350 |
Mage::getSingleton('admin/session')->setMytextid($content['txId']);
|
411 |
}
|
412 |
|
413 |
private function mo2f_create_customer(){
|
414 |
+
$helper = Mage::helper('MiniOrange_2factor');
|
415 |
$customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
|
416 |
+
if($helper->is_curl_installed()){
|
417 |
$admin = Mage::getSingleton('admin/session')->getUser();
|
418 |
$id = $admin->getUserId();
|
419 |
+
$email = $helper->getConfig('email',$id);
|
420 |
+
$password = $helper->getConfig('pass',$id);
|
421 |
+
$phone = $helper->getConfig('phone',$id);
|
422 |
+
$customerKey = json_decode($customer->create_customer($email,$phone,$password), true);
|
423 |
if(strcasecmp($customerKey['status'], 'CUSTOMER_USERNAME_ALREADY_EXISTS') == 0) { //admin already exists in miniOrange
|
424 |
$content = $customer->get_customer_key($email,$password);
|
425 |
$customerKey = json_decode($content, true);
|
427 |
$collection = Mage::getModel('admin/user')->getCollection();
|
428 |
foreach($collection as $item){
|
429 |
$ids=$item->getData('user_id');
|
|
|
|
|
|
|
|
|
430 |
$this->saveConfig('miniorange_2factor_validated',0,$ids);
|
|
|
431 |
}
|
432 |
+
$storeConfig = new Mage_Core_Model_Config();
|
433 |
+
$storeConfig ->saveConfig('miniOrange/2factor/customerKey',$customerKey['id'], 'default', 0);
|
434 |
+
$storeConfig ->saveConfig('miniOrange/2factor/apiKey',$customerKey['apiKey'], 'default', 0);
|
435 |
+
$storeConfig ->saveConfig('miniOrange/2factor/2factorToken',$customerKey['token'], 'default', 0);
|
436 |
$this->saveConfig('miniorange_2factor_pass',"",$id);
|
437 |
$this->saveConfig('miniorange_2factor_show_otp',0,$id);
|
438 |
$this->saveConfig('miniorange_2factor_show_configure',1,$id);
|
447 |
$collection = Mage::getModel('admin/user')->getCollection();
|
448 |
foreach($collection as $item){
|
449 |
$ids=$item->getData('user_id');
|
450 |
+
$this->saveConfig('miniorange_2factor_validated',0,$ids);
|
|
|
|
|
|
|
|
|
|
|
451 |
}
|
452 |
+
$storeConfig = new Mage_Core_Model_Config();
|
453 |
+
$storeConfig ->saveConfig('miniOrange/2factor/customerKey',$customerKey['id'], 'default', 0);
|
454 |
+
$storeConfig ->saveConfig('miniOrange/2factor/apiKey',$customerKey['apiKey'], 'default', 0);
|
455 |
+
$storeConfig ->saveConfig('miniOrange/2factor/2factorToken',$customerKey['token'], 'default', 0);
|
456 |
$this->saveConfig('miniorange_2factor_pass',"",$id);
|
457 |
$this->saveConfig('miniorange_2factor_show_otp',0,$id);
|
458 |
$this->saveConfig('miniorange_2factor_login',0,$id);
|
470 |
|
471 |
|
472 |
private function mo2f_get_qr_code_for_mobile($email,$id){
|
473 |
+
$helper = Mage::helper('MiniOrange_2factor');
|
474 |
$customer = Mage::helper('MiniOrange_2factor/mo2fUtility');
|
475 |
+
if($helper->is_curl_installed()){
|
476 |
+
$content = $customer->register_mobile($email,$id);
|
477 |
$response = json_decode($content, true);
|
478 |
if(json_last_error() == JSON_ERROR_NONE) {
|
479 |
Mage::getSingleton('core/session')->setmo2fqrcode($response['qrCode']);
|
503 |
}
|
504 |
}
|
505 |
|
506 |
+
/*private function saveSettingsforCustomers($config,$value){
|
507 |
+
$data = array($config=>$value);
|
508 |
+
$collection = Mage::getModel('customer/customer')->getCollection();
|
509 |
+
foreach($collection as $item){
|
510 |
+
$id=$item->getData('entity_id');
|
511 |
+
$model = Mage::getModel('customer/customer')->load($id)->addData($data);
|
512 |
+
try {
|
513 |
+
$model->setId($id)->save();
|
514 |
+
} catch (Exception $e){
|
515 |
+
Mage::log($e->getMessage(), null, 'miniorage_error.log', true);
|
516 |
+
}
|
517 |
+
}
|
518 |
+
}*/
|
519 |
|
520 |
}
|
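Review bot: The added `$storeConfig ->saveConfig('miniOrange/2factor/apiKey',$customerKey['apiKey'], 'default', 0);` lines, together with the `customerKey` and `2factorToken` lines beside them, write the service credentials to store configuration as plain text, and the same three-line block is repeated in `newUserAction`, `existingUserAction` and both branches of `mo2f_create_customer`. Consider encrypting on write, e.g. `$storeConfig->saveConfig('miniOrange/2factor/apiKey', Mage::helper('core')->encrypt($customerKey['apiKey']), 'default', 0);`, with the matching `decrypt()` where the helper's `getConfig()` reads the value, and moving the block into one private method so the four copies cannot drift. In `saveLoginSettingsAction`, `$params['adminrole_activation']` and `$params['customer_activation']` are indexed directly; if these are checkboxes (the block returns `'checked'` for one of them), an unchecked box is not submitted, so `$this->getRequest()->getParam('customer_activation', 0)` avoids the undefined-index notice. These methods start or end outside the hunks shown, so any ACL or form-key check elsewhere in the controller is not visible here.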
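--- a/app/code/community/miniOrange/2factor/Helper/Data.php
+++ b/app/code/community/miniOrange/2factor/Helper/Data.php
@@ -1,4 +1,128 @@
 <?php
 class MiniOrange_2factor_Helper_Data extends Mage_Core_Helper_Abstract
 {
+public $hostname = "https://test.miniorange.com";
+
+function adminExists($username){
+$adminuser = Mage::getModel('admin/user');
+$adminuser->loadByUsername($username);
+if ($adminuser->getId()){
+return true;
+}
+else{
+return false;
+}
+}
+
+function getHostURl(){
+return $this->hostname;
+}
+
+function getAdmin($username){
+$adminuser = Mage::getModel('admin/user');
+$adminuser->loadByUsername($username);
+if ($adminuser->getId()){
+return $adminuser;
+}
+else{
+return;
+}
+}
+
+/*Function to extract config stored in the database*/
+function getConfig($config,$id){
+switch($config){
+case 'isEnabled':
+$result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_Admin_enable');
+break;
+case 'isCustomerEnabled':
+$result = Mage::getStoreConfig('miniOrange/2factor/customer/enable');
+break;
+case 'email':
+$result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_email');
+break;
+case 'pass':
+$result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_pass');
+break;
+case 'customerKey':
+$result = Mage::getStoreConfig('miniOrange/2factor/customerKey');
+break;
+case 'apiKey':
+$result = Mage::getStoreConfig('miniOrange/2factor/apiKey');
+break;
+case 'apiToken':
+$result = Mage::getStoreConfig('miniOrange/2factor/2factorToken');
+break;
+case 'otp':
+$result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_show_otp');
+break;
+case 'qrcode':
+$result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_show_qr');
+break;
+case 'configure':
+$result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_show_configure');
+break;
+case 'validated':
+$result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_validated');
+break;
+case 'login':
+$result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_login');
+break;
+case 'mainAdmin':
+$result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_admin_registered');
+break;
+case 'downloaded':
+$result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_downloaded_app');
+break;
+case 'phone':
+$result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_phone');
+break;
+case 'customer_mobile_configured':
+$result = Mage::getModel('customer/customer')->load($id)->getData('miniorange_phone');
+break;
+case 'customer_phone':
+$result = Mage::getModel('customer/customer')->load($id)->getData('miniorange_mobileconfigured');
+break;
+default:
+return;
+break;
+}
+return $result;
+}
+
+/*Function to show his partial registered email to user*/
+function showEmail($id){
+$email = $this->getConfig('email',$id);
+$emailsize = strlen($email);
+$partialemail = substr($email,0,1);
+$temp = strrpos($email,"@");
+$endemail = substr($email,$temp-1,$emailsize);
+for($i=1;$i<$temp;$i++){
+$partialemail = $partialemail . 'x';
+}
+$showemail = $partialemail . $endemail;
+
+return $showemail;
+}
+
+/*Function to check if cURL is enabled*/
+function is_curl_installed() {
+if (in_array ('curl', get_loaded_extensions())) {
+return 1;
+} else
+return 0;
+}
+
+function displayMessage($message,$type){
+Mage::getSingleton('core/session')->getMessages(true);
+if(strcasecmp( $type,"SUCCESS") == 0)
+Mage::getSingleton('core/session')->addSuccess($message);
+else if(strcasecmp($type,"ERROR") == 0)
+Mage::getSingleton('core/session')->addError($message);
+else if(strcasecmp($type,"NOTICE")==0)
+Mage::getSingleton('core/session')->addNotice($message);
+else
+Mage::getSingleton('core/session')->addWarning($message);
+}
+
 }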
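--- a/app/code/community/miniOrange/2factor/Helper/mo2fUtility.php
+++ b/app/code/community/miniOrange/2factor/Helper/mo2fUtility.php
@@ -25,13 +25,9 @@ class MiniOrange_2factor_Helper_mo2fUtility extends Mage_Core_Helper_Abstract{
 
 public $email;
 public $phone;
-public $hostname = "https://
+public $hostname = "https://test.miniorange.com";
 public $pluginName = 'Magento 2 Factor Authentication Plugin';
 
-function getHostURl(){
-return $this->hostname;
-}
-
 function check_customer($email){
 $url = $this->hostname . '/moas/rest/customer/check-if-exists';
 $ch = curl_init( $url );
@@ -290,27 +286,6 @@ class MiniOrange_2factor_Helper_mo2fUtility extends Mage_Core_Helper_Abstract{
 return true;
 }
 
-function adminExists($username){
-$adminuser = Mage::getModel('admin/user');
-$adminuser->loadByUsername($username);
-if ($adminuser->getId()){
-return true;
-}
-else{
-return false;
-}
-}
-
-function getAdmin($username){
-$adminuser = Mage::getModel('admin/user');
-$adminuser->loadByUsername($username);
-if ($adminuser->getId()){
-return $adminuser;
-}
-else{
-return;
-}
-}
 
 function register_mobile($useremail,$id){
 $url = $this->hostname . '/moas/api/auth/register-mobile';
@@ -318,10 +293,10 @@ class MiniOrange_2factor_Helper_mo2fUtility extends Mage_Core_Helper_Abstract{
 $email = $useremail;
 
 /* The customer Key provided to you */
-$customerKey =
+$customerKey = Mage::helper('MiniOrange_2factor')->getConfig('customerKey',$id);
 
 /* The customer API Key provided to you */
-$apiKey =
+$apiKey = Mage::helper('MiniOrange_2factor')->getConfig('apiKey',$id);
 
 /* Current time in milliseconds since midnight, January 1, 1970 UTC. */
 $currentTimeInMillis = round(microtime(true) * 1000);
@@ -413,76 +388,4 @@ class MiniOrange_2factor_Helper_mo2fUtility extends Mage_Core_Helper_Abstract{
 return $content;
 }
 
-/*Function to extract config stored in the database*/
-function getConfig($config,$id){
-switch($config){
-case 'isEnabled':
-$result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_Admin_enable');
-break;
-case 'email':
-$result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_email');
-break;
-case 'pass':
-$result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_pass');
-break;
-case 'customerKey':
-$result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_customer_key');
-break;
-case 'apiKey':
-$result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_api_key');
-break;
-case 'apiToken':
-$result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_token');
-break;
-case 'otp':
-$result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_show_otp');
-break;
-case 'qrcode':
-$result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_show_qr');
-break;
-case 'configure':
-$result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_show_configure');
-break;
-case 'validated':
-$result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_validated');
-break;
-case 'login':
-$result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_login');
-break;
-case 'mainAdmin':
-$result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_admin_registered');
-break;
-case 'downloaded':
-$result = Mage::getModel('admin/user')->load($id)->getData('miniorange_2factor_downloaded_app');
-break;
-default:
-return;
-break;
-}
-return $result;
-}
-
-/*Function to show his partial registered email to user*/
-function showEmail($id){
-$email = $this->getConfig('email',$id);
-$emailsize = strlen($email);
-$partialemail = substr($email,0,1);
-$temp = strrpos($email,"@");
-$endemail = substr($email,$temp-1,$emailsize);
-for($i=1;$i<$temp;$i++){
-$partialemail = $partialemail . 'x';
-}
-$showemail = $partialemail . $endemail;
-
-return $showemail;
-}
-
-/*Function to check if cURL is enabled*/
-function is_curl_installed() {
-if (in_array ('curl', get_loaded_extensions())) {
-return 1;
-} else
-return 0;
-}
-
 }?>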
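Review bot: The new `public $hostname = "https://test.miniorange.com";` hard-codes what reads like a test endpoint as the base URL for the calls visible here (`check_customer`, `register_mobile`), so a released build would send admin e-mail addresses, customer keys and API keys to that host; the removed value is cut off in this view, so please confirm the host is the intended production one. `getHostURl()` is also dropped from this class while the login template now asks the `MiniOrange_2factor` data helper for the host, which presumably leaves two definitions that can drift apart. Keeping a single definition and adding a comment such as `/* Base URL of the miniOrange auth service; must match Helper/Data.php getHostURl() */` on the property would make the coupling explicit. The class body continues outside these hunks, so other uses of `$this->hostname` were not checked.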
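--- a/app/code/community/miniOrange/2factor/Model/Observer.php
+++ b/app/code/community/miniOrange/2factor/Model/Observer.php
@@ -10,6 +10,7 @@ class MiniOrange_2factor_Model_Observer
 $request = Mage::app()->getRequest();
 $session = Mage::getSingleton('adminhtml/session');
 $helper = Mage::helper('MiniOrange_2factor/mo2fUtility');
+$data = Mage::helper('MiniOrange_2factor');
 if ( $request->getRequestedControllerName() == 'index' && $request->getRequestedActionName() == 'login'){
 $session->unsLoginStatus();
 $session->unsWelcomeMessage();
@@ -29,7 +30,7 @@ class MiniOrange_2factor_Model_Observer
 $user = Mage::getModel('admin/user');
 Mage::getSingleton('adminhtml/session')->getMessages(true);
 if($session->getLoginStatus()!='MO_2_FACTOR_CHALLENGE_AUTHENTICATION'){
-if($
+if($data->adminExists($request->getPost('miniorange-username'))){
 if($user->authenticate($request->getPost('miniorange-username'),$request->getPost('miniorange-password'))){
 $useragent = $_SERVER['HTTP_USER_AGENT'];
 if(strpos($useragent,'Mobi') !== false){
@@ -42,11 +43,11 @@ class MiniOrange_2factor_Model_Observer
 else{
 $admin = $user->login($request->getPost('miniorange-username'), $request->getPost('miniorange-password'));
 $id = $admin->getUserId();
-if($
-$apiKey = $
-$customerKey = $
-$showemail = $
-$content = $helper->send_otp_token($
+if($data->getConfig('isEnabled',$id)==1){
+$apiKey = $data->getConfig('apiKey',$id);
+$customerKey = $data->getConfig('customerKey',$id);
+$showemail = $data->showEmail($id);
+$content = $helper->send_otp_token($data->getConfig('email',$id),'MOBILE AUTHENTICATION', $customerKey, $apiKey);
 $response = json_decode($content, true);
 if(json_last_error() == JSON_ERROR_NONE){
 $session->setLoginUsername($request->getPost('miniorange-username'));
@@ -73,9 +74,9 @@ class MiniOrange_2factor_Model_Observer
 if( $request->getPost('softtoken')!=null){
 $user = Mage::getModel('admin/user')->login($session->getLoginUsername(),$session->getLoginPassword());
 $id = $user->getUserId();
-$email = $
-$customerKey = $
-$apiKey = $
+$email = $data->getConfig('email',$id);
+$customerKey = $data->getConfig('customerKey',$id);
+$apiKey = $data->getConfig('apiKey',$id);
 $content = $helper->validate_otp_token('SOFT TOKEN',$email, null, $request->getPost('softtoken'), $customerKey, $apiKey);
 $response = json_decode($content, true);
 if(strcasecmp($response['status'], 'FAILED') != 0){
@@ -107,9 +108,9 @@ class MiniOrange_2factor_Model_Observer
 if(!$session->getshowforgotphone()){
 $user = Mage::getModel('admin/user')->login($session->getLoginUsername(),$session->getLoginPassword());
 $id = $user->getUserId();
-$email = $
-$customerKey = $
-$apiKey = $
+$email = $data->getConfig('email',$id);
+$customerKey = $data->getConfig('customerKey',$id);
+$apiKey = $data->getConfig('apiKey',$id);
 $response = json_decode($helper->send_otp_token($email,'EMAIL',$customerKey,$apiKey), true);
 if(strcasecmp($response['status'], 'SUCCESS') == 0){
 $session->setOTPtxtId($response['txId']);
@@ -128,9 +129,9 @@ class MiniOrange_2factor_Model_Observer
 $user = Mage::getModel('admin/user')->login($session->getLoginUsername(),$session->getLoginPassword());
 $id = $user->getUserId();
 if( $request->getPost('forgotPhoneOtp')!=null){
-$email = $
-$customerKey = $
-$apiKey = $
+$email = $data->getConfig('email',$id);
+$customerKey = $data->getConfig('customerKey',$id);
+$apiKey = $data->getConfig('apiKey',$id);
 $content = $helper->validate_otp_token('EMAIL',$email, $session->getOTPtxtId(), $request->getPost('forgotPhoneOtp'), $customerKey, $apiKey);
 $response = json_decode($content, true);
 if(strcasecmp($response['status'], 'FAILED') != 0){
@@ -183,4 +184,61 @@ class MiniOrange_2factor_Model_Observer
 Mage::dispatchEvent('admin_session_user_login_success',array('user'=>$user));
 }
 
+
+//-----------------//
+public function customerLogin(Varien_Event_Observer $observer){
+$request = Mage::app()->getRequest();
+$session = Mage::getSingleton('customer/session');
+$session->setBeforeAuthUrl(Mage::getUrl('twofactorauth/Index/configureTwoFactorPage'));
+}
+
+
+public function customerAuthenticateAfter(Varien_Event_Observer $observer){
+if(Mage::getSingleton('core/session')->getValidationMessage()!=""){
+Mage::getSingleton('core/session')->unsValidationMessage();
+throw Mage::exception('Mage_Core','Authentication Failed! Please try again!',2);
+}
+
+if (Mage::helper('MiniOrange_2factor')->getConfig('isCustomerEnabled') && Mage::helper('MiniOrange_2factor')->getConfig('miniorange_mobileconfigured')) {
+$redirectUrl = Mage::getModel('core/url')->getUrl('twofactorauth/Index/validationPage');
+$session = Mage::getSingleton('customer/session');
+$session->setOriginalAfterAuthUrl($session->getAfterAuthUrl());
+$session->setAfterAuthUrl($redirectUrl);
+}
+else{
+Mage::helper('MiniOrange_2factor')->displayMessage('Admin has Enabled Two Factor Authentication for your account. Please configure your account below.','NOTICE');
+return $this;
+}
+
+/*$customer = $observer->getEvent()->getModel();
+$request = Mage::app()->getRequest();
+if ( $request->getRequestedControllerName() == 'account' && $request->getRequestedActionName() == 'loginPost'){
+$request->setControllerName('Index')
+->setModuleName('twofactorauth')
+->setActionName('validationPage')
+->setDispatched(false);
+
+}*/
+}
+
+
+/*
+@ This is used along with <controller_action_layout_generate_blocks_before> event to get details about the controller and action being called.
+public function logCompiledLayout($o){
+$req = Mage::app()->getRequest();
+$info = sprintf(
+"\nRequest: %s\nFull Action Name: %s_%s_%s\nHandles:\n\t%s\nUpdate XML:\n%s",
+$req->getRouteName(),
+$req->getRequestedRouteName(), //full action name 1/3
+$req->getRequestedControllerName(), //full action name 2/3
+$req->getRequestedActionName(), //full action name 3/3
+implode("\n\t",$o->getLayout()->getUpdate()->getHandles()),
+$o->getLayout()->getUpdate()->asString()
+);
+
+// Force logging to var/log/layout.log
+Mage::log($info, Zend_Log::INFO, 'layout.log', true);
+}
+*/
+
 }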
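Review bot: In the new `customerAuthenticateAfter`, the second-factor decision appears to fail open: `getConfig('isCustomerEnabled')` and `getConfig('miniorange_mobileconfigured')` are called without a user id, and the customer cases visible in the Helper/Data.php switch are named `customer_mobile_configured` and `customer_phone`, not `miniorange_mobileconfigured` (the top of that switch is outside this view, so this is inferred). If the key falls through to `default:`, the call returns nothing, the `if` is false, and the customer takes the `else` branch and continues without being sent to `validationPage`. Pass the authenticated customer's id and a key the helper defines, e.g. `$id = $observer->getEvent()->getModel()->getId();` followed by `getConfig('customer_mobile_configured', $id)`; the two customer cases in the helper also look swapped against their column names and should be checked at the same time. The `else` branch also shows the "Admin has Enabled Two Factor Authentication" notice when the feature is disabled, so "enabled but not configured" and "disabled" should be separate branches.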
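--- a/app/code/community/miniOrange/2factor/sql/MiniOrange_2factor_setup/mysql4-install-0.0.1.php
+++ b/app/code/community/miniOrange/2factor/sql/MiniOrange_2factor_setup/mysql4-install-0.0.1.php
@@ -5,16 +5,10 @@ $installer = $this;
 
 $installer->startSetup();
 
-/**
-* Add yubikey field to table 'admin/user'
-*/
 $installer->getConnection()->addColumn($this->getTable('admin/user'), 'miniorange_2factor_email', 'varchar(128) null');
 $installer->getConnection()->addColumn($this->getTable('admin/user'), 'miniorange_2factor_pass', 'varchar(100) null');
 $installer->getConnection()->addColumn($this->getTable('admin/user'), 'miniorange_2factor_phone', 'varchar(60) null');
 $installer->getConnection()->addColumn($this->getTable('admin/user'), 'miniorange_2factor_Admin_enable', 'int null');
-$installer->getConnection()->addColumn($this->getTable('admin/user'), 'miniorange_2factor_customer_key', 'varchar(25) null');
-$installer->getConnection()->addColumn($this->getTable('admin/user'), 'miniorange_2factor_api_key', 'varchar(50) null');
-$installer->getConnection()->addColumn($this->getTable('admin/user'), 'miniorange_2factor_token', 'varchar(50) null');
 $installer->getConnection()->addColumn($this->getTable('admin/user'), 'miniorange_2factor_show_otp', 'int null');
 $installer->getConnection()->addColumn($this->getTable('admin/user'), 'miniorange_2factor_show_qr', 'int null');
 $installer->getConnection()->addColumn($this->getTable('admin/user'), 'miniorange_2factor_show_configure', 'int null');
@@ -23,4 +17,5 @@ $installer->getConnection()->addColumn($this->getTable('admin/user'), 'miniorang
 $installer->getConnection()->addColumn($this->getTable('admin/user'), 'miniorange_2factor_admin_registered', 'int null');
 $installer->getConnection()->addColumn($this->getTable('admin/user'), 'miniorange_2factor_downloaded_app', 'int null');
 
+
 $installer->endSetup();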
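Review bot: Removing the `addColumn` calls for `miniorange_2factor_customer_key`, `miniorange_2factor_api_key` and `miniorange_2factor_token` from `mysql4-install-0.0.1.php` only changes fresh installs, because Magento does not re-run an install script for a setup version it has already recorded. Sites upgraded from the previous release would therefore keep those columns in the admin user table together with any API credentials already written to them, and no upgrade script is visible in this part of the page. An upgrade script that moves the values to the new store-config paths and then removes the columns would close that gap, e.g. `$installer->getConnection()->dropColumn($this->getTable('admin/user'), 'miniorange_2factor_api_key');` for each of the three. The rest of the install script lies outside the two hunks.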
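--- a/app/design/adminhtml/default/default/template/miniorange_2factor/login.phtml
+++ b/app/design/adminhtml/default/default/template/miniorange_2factor/login.phtml
@@ -58,7 +58,7 @@
 </script>
 <script>
 var poll="<?php echo Mage::getSingleton('adminhtml/session')->getWelcomeMessage() ?>";if(poll=="1"){var $t=jQuery.noConflict();var timeout;function pollMobileValidation()
-{var transId="<?php echo Mage::getSingleton('adminhtml/session')->getLogintxtId() ?>";var jsonString="{\"txId\":\""+transId+"\"}";var postUrl="<?php echo Mage::helper('MiniOrange_2factor
+{var transId="<?php echo Mage::getSingleton('adminhtml/session')->getLogintxtId() ?>";var jsonString="{\"txId\":\""+transId+"\"}";var postUrl="<?php echo Mage::helper('MiniOrange_2factor')->getHostURl()?>/moas/api/auth/auth-status";$t.ajax({url:postUrl,type:"POST",dataType:"json",data:jsonString,contentType:"application/json; charset=utf-8",success:function(result){var status=JSON.parse(JSON.stringify(result)).status;if(status=='SUCCESS'){var content="<div id='success'><center><img src='"+"<?php echo Mage::getBaseUrl(Mage_Core_Model_Store::URL_TYPE_SKIN).'adminhtml/default/default/images/MiniOrange_2factor/right.png'; ?>"+"'/></center></div>";$t("#showQrCode").empty();$t("#showQrCode").append(content);setTimeout(function(){$t("#QrCode").hide();$t("#features").hide();$t("#progressBar").show();$t("#mobile_validation_form").submit();},1000);}else if(status=='ERROR'||status=='FAILED'){var content="<div id='error'><center><img src='"+"<?php echo Mage::getBaseUrl(Mage_Core_Model_Store::URL_TYPE_SKIN).'adminhtml/default/default/images/MiniOrange_2factor/wrong.png'; ?>"+"' /></center></div>";$t("#showQrCode").empty();$t("#features").hide();$t("#showQrCode").append(content);setTimeout(function(){$t('#backto_mo_loginform').submit();},1000);}else{timeout=setTimeout(pollMobileValidation,3000);}}});}
 pollMobileValidation();}
 </script>
 <script>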
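Review bot: The rewritten line 61 still prints `getLogintxtId()` unescaped into a double-quoted JavaScript string, as line 60 does with `getWelcomeMessage()`, so a quote or `</script>` in either session value would break out of the literal on the admin login page. Emit the values JSON-encoded instead, e.g. `var transId=<?php echo json_encode((string) Mage::getSingleton('adminhtml/session')->getLogintxtId(), JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP) ?>;`, and build the request body with `JSON.stringify({txId: transId})` rather than string concatenation. The browser-side `status=='SUCCESS'` test only decides when `#mobile_validation_form` is submitted; the server-side handler for that form is not in this hunk and needs to confirm the transaction status itself rather than trust the submission.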
app/design/adminhtml/default/default/template/miniorange_2factor/mo2fConfig.phtml
CHANGED
@@ -9,9 +9,9 @@
|
|
9 |
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script>
|
10 |
<script src="http://miniorange.com/js/intlTelInput.min.js"></script>
|
11 |
<script>
|
12 |
-
|
13 |
-
$m(document).ready(function() {
|
14 |
-
$m("#phone").intlTelInput();$email="<?php echo $this->getConfig('email')?>";$showotp="<?php echo $this->getConfig('otp')?>";$showqr="<?php echo $this->getConfig('qrcode')?>";$configure="<?php echo $this->getConfig('configure')?>";$showlogin="<?php echo $this->getConfig('login')?>";$validated="<?php echo $this->getConfig('validated')?>";$downloaded="<?php echo $this->getConfig('downloaded')?>";$OTPsent="<?php echo Mage::getSingleton('admin/session')->getOTPsent();?>";$showloginsettings="<?php echo Mage::getSingleton('admin/session')->getshowLoginSettings(); ?>";$success='<?php echo Mage::getSingleton('core/session')->getSuccessMessage(); ?>';$error='<?php echo Mage::getSingleton('core/session')->getErrorMessage(); ?>';if($email==""){if($OTPsent!=""){$error="An error occured while saving your registration details. Please Flush you Magento Cache. [ <a id='preview9' href='#slider6'>Click Here</a> for a preview. ]"}}
|
15 |
if($error!=""){$m(".error-msg span").empty();$m(".error-msg span").append($error);$m(".mini-messages li").css("display","block");$m(".success-msg").css("display","none");}
|
16 |
if($success!=""){$m(".success-msg span").empty();$m(".success-msg span").append($success);$m(".mini-messages li").css("display","block");$m(".error-msg").css("display","none");}
|
17 |
if($showotp==0&&$email!=""){$m("#account_setup").css("display","none");if($configure==1){$m("#configuremobile").css("display","block");voiddisplay("#configuremobile");setactive('configure_mobile');}else if($showloginsettings==1){$m("#login_settings").css("display","block");voiddisplay("#loginsettings");setactive('login_settings');$m("#displayQrCode").hide();$m("#configureMobileButton").css("display","block");}else{$m("#user_profile").css("display","block");voiddisplay("#userprofile");setactive('user_profile');$m("#displayQrCode").hide();$m("#configureMobileButton").css("display","block");}}else{if($showlogin==1){$m("#account_setup").css("display","block");$m("#already_registered").css("display","block");$m("#register_miniorange").css("display","none");voiddisplay("#accountsetup");$m("#user_profile").css("display","none");setactive('account_setup');}else if($validated==0&&$validated!=""){$m("#account_setup").css("display","block");$m("#additional_admin").css("display","block");$m("#register_miniorange").css("display","none");voiddisplay("#accountsetup");$m("#user_profile").css("display","none");setactive('account_setup');}else{$m("#account_setup").css("display","block");$m("#already_registered").css("display","none");$m("#register_miniorange").css("display","block");voiddisplay("#accountsetup");$m("#user_profile").css("display","none");setactive('account_setup');}}
|
@@ -145,7 +145,7 @@ $m(document).ready(function() {
|
|
145 |
<table class="table">
|
146 |
<tr>
|
147 |
<td><b><font color="#FF0000">*</font>Email:</b></td>
|
148 |
-
<td><input class="" type="email" name="additional_email" autofocus="true" required placeholder="person@example.com" style="width:400px;" value="
|
149 |
</tr>
|
150 |
<tr>
|
151 |
<td><b><font color="#FF0000">*</font>Phone number:</b></td>
|
@@ -255,12 +255,14 @@ $m(document).ready(function() {
|
|
255 |
<div class="page" id="loginsettings">
|
256 |
<div class="mo2f_table_layout">
|
257 |
<div><h3>Login Settings</h3><hr></div>
|
258 |
-
<form name="f" method="post" action="<?php echo $this->getadminurl('*/*/
|
259 |
-
<input type="hidden" name="form_key" value="<?php echo Mage::getSingleton('core/session')->getFormKey(); ?>" />
|
260 |
<input type="hidden" name="form_key" value="<?php echo Mage::getSingleton('core/session')->getFormKey(); ?>" />
|
261 |
<input type="checkbox" id="mo2f_adminrole_activation" name="adminrole_activation" value="1" <?php echo $this->isEnabled(); ?> /><b>Enable 2-Factor for admins.</b>
|
262 |
<div style="margin-left:4%;"><b>Note:</b> This option is checked by default. It will enable 2-Factor only for admins, other users can still login with their password.<p>[ <a id="preview4" href="#slider2">Click Here</a> for a preview. ]</p></div>
|
263 |
<br>
|
|
|
|
|
|
|
264 |
<div class="button-align"><input type="submit" name="submit" value="Save Settings" class="button button-primary button-large" /></div>
|
265 |
</form>
|
266 |
</div>
|
@@ -278,7 +280,7 @@ $m(document).ready(function() {
|
|
278 |
<div class="control_next"><img src='<?php echo $this->getImage('arrow') ?>' /></div>
|
279 |
<div class="control_prev"><img src='<?php echo $this->getImage('arrow') ?>' /></div>
|
280 |
<ul>
|
281 |
-
<li><img style="height:
|
282 |
<li><img style="width: 90%; position: relative; top: 25%;" src='<?php echo $this->getImage('otp') ?>' /></li>
|
283 |
<li><img style="width: 90%; position: relative;top: 15%;" src='<?php echo $this->getImage('clickconfiguremobile') ?>' /></li>
|
284 |
<li><img style="height: 75%; position: relative; top: 12%;" src='<?php echo $this->getImage('scanqr') ?>' /></li>
|
@@ -482,7 +484,7 @@ $m(document).ready(function() {
|
|
482 |
</td>
|
483 |
</tr>
|
484 |
<tr><td>
|
485 |
-
<input type="text" class="mo2f_table_textbox" name="query_phone" id="query_phone" title="Phone with country code eg. +1xxxxxxxxxx" placeholder="Phone with country code eg. +1xxxxxxxxxx" value="" pattern="[\+]?[0-9]{1,4}\s?[0-9]{10}"/>
|
486 |
</td>
|
487 |
</tr>
|
488 |
<tr>
|
9 |
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script>
|
10 |
<script src="http://miniorange.com/js/intlTelInput.min.js"></script>
|
11 |
<script>
|
12 |
+
var $m = jQuery.noConflict();
|
13 |
+
$m(document).ready(function() {
|
14 |
+
$m("#phone").intlTelInput();$m("#query_phone").intlTelInput();$m("#additional_phone").intlTelInput();$email="<?php echo $this->getConfig('email')?>";$showotp="<?php echo $this->getConfig('otp')?>";$showqr="<?php echo $this->getConfig('qrcode')?>";$configure="<?php echo $this->getConfig('configure')?>";$showlogin="<?php echo $this->getConfig('login')?>";$validated="<?php echo $this->getConfig('validated')?>";$downloaded="<?php echo $this->getConfig('downloaded')?>";$OTPsent="<?php echo Mage::getSingleton('admin/session')->getOTPsent();?>";$showloginsettings="<?php echo Mage::getSingleton('admin/session')->getshowLoginSettings(); ?>";$success='<?php echo Mage::getSingleton('core/session')->getSuccessMessage(); ?>';$error='<?php echo Mage::getSingleton('core/session')->getErrorMessage(); ?>';if($email==""){if($OTPsent!=""){$error="An error occured while saving your registration details. Please Flush you Magento Cache. [ <a id='preview9' href='#slider6'>Click Here</a> for a preview. ]"}}
|
15 |
if($error!=""){$m(".error-msg span").empty();$m(".error-msg span").append($error);$m(".mini-messages li").css("display","block");$m(".success-msg").css("display","none");}
|
16 |
if($success!=""){$m(".success-msg span").empty();$m(".success-msg span").append($success);$m(".mini-messages li").css("display","block");$m(".error-msg").css("display","none");}
|
17 |
if($showotp==0&&$email!=""){$m("#account_setup").css("display","none");if($configure==1){$m("#configuremobile").css("display","block");voiddisplay("#configuremobile");setactive('configure_mobile');}else if($showloginsettings==1){$m("#login_settings").css("display","block");voiddisplay("#loginsettings");setactive('login_settings');$m("#displayQrCode").hide();$m("#configureMobileButton").css("display","block");}else{$m("#user_profile").css("display","block");voiddisplay("#userprofile");setactive('user_profile');$m("#displayQrCode").hide();$m("#configureMobileButton").css("display","block");}}else{if($showlogin==1){$m("#account_setup").css("display","block");$m("#already_registered").css("display","block");$m("#register_miniorange").css("display","none");voiddisplay("#accountsetup");$m("#user_profile").css("display","none");setactive('account_setup');}else if($validated==0&&$validated!=""){$m("#account_setup").css("display","block");$m("#additional_admin").css("display","block");$m("#register_miniorange").css("display","none");voiddisplay("#accountsetup");$m("#user_profile").css("display","none");setactive('account_setup');}else{$m("#account_setup").css("display","block");$m("#already_registered").css("display","none");$m("#register_miniorange").css("display","block");voiddisplay("#accountsetup");$m("#user_profile").css("display","none");setactive('account_setup');}}
|
145 |
<table class="table">
|
146 |
<tr>
|
147 |
<td><b><font color="#FF0000">*</font>Email:</b></td>
|
148 |
+
<td><input class="" type="email" name="additional_email" autofocus="true" required placeholder="person@example.com" style="width:400px;" value=""/></td>
|
149 |
</tr>
|
150 |
<tr>
|
151 |
<td><b><font color="#FF0000">*</font>Phone number:</b></td>
|
255 |
<div class="page" id="loginsettings">
|
256 |
<div class="mo2f_table_layout">
|
257 |
<div><h3>Login Settings</h3><hr></div>
|
258 |
+
<form name="f" method="post" action="<?php echo $this->getadminurl('*/*/saveLoginSettings') ?>">
|
|
|
259 |
<input type="hidden" name="form_key" value="<?php echo Mage::getSingleton('core/session')->getFormKey(); ?>" />
|
260 |
<input type="checkbox" id="mo2f_adminrole_activation" name="adminrole_activation" value="1" <?php echo $this->isEnabled(); ?> /><b>Enable 2-Factor for admins.</b>
|
261 |
<div style="margin-left:4%;"><b>Note:</b> This option is checked by default. It will enable 2-Factor only for admins, other users can still login with their password.<p>[ <a id="preview4" href="#slider2">Click Here</a> for a preview. ]</p></div>
|
262 |
<br>
|
263 |
+
<!--<input type="checkbox" id="mo2f_customer_activation" name="customer_activation" value="1" <?php echo $this->isCustomerEnabled(); ?> /><b>Enable 2-Factor for Customers.</b>
|
264 |
+
<div style="margin-left:4%;"><b>Note:</b> This will enable 2-Factor for your customers.</div>
|
265 |
+
<br>-->
|
266 |
<div class="button-align"><input type="submit" name="submit" value="Save Settings" class="button button-primary button-large" /></div>
|
267 |
</form>
|
268 |
</div>
|
280 |
<div class="control_next"><img src='<?php echo $this->getImage('arrow') ?>' /></div>
|
281 |
<div class="control_prev"><img src='<?php echo $this->getImage('arrow') ?>' /></div>
|
282 |
<ul>
|
283 |
+
<li><img style="height: 87%;" src='<?php echo $this->getImage('register') ?>' /></li>
|
284 |
<li><img style="width: 90%; position: relative; top: 25%;" src='<?php echo $this->getImage('otp') ?>' /></li>
|
285 |
<li><img style="width: 90%; position: relative;top: 15%;" src='<?php echo $this->getImage('clickconfiguremobile') ?>' /></li>
|
286 |
<li><img style="height: 75%; position: relative; top: 12%;" src='<?php echo $this->getImage('scanqr') ?>' /></li>
|
484 |
</td>
|
485 |
</tr>
|
486 |
<tr><td>
|
487 |
+
<input type="text" class="mo2f_table_textbox" name="query_phone" id="query_phone" title="Phone with country code eg. +1xxxxxxxxxx" placeholder="Phone with country code eg. +1xxxxxxxxxx" value="<?php echo $this->getConfig('phone')?>" pattern="[\+]?[0-9]{1,4}\s?[0-9]{10}"/>
|
488 |
</td>
|
489 |
</tr>
|
490 |
<tr>
|
package.xml
CHANGED
@@ -1,55 +1,72 @@
|
|
1 |
<?xml version="1.0"?>
|
2 |
<package>
|
3 |
<name>miniOrange_2factor</name>
|
4 |
-
<version>1.0.
|
5 |
<stability>stable</stability>
|
6 |
<license uri="http://www.gnu.org/licenses/gpl-2.0.html">GNU General Public License (GPL)</license>
|
7 |
<channel>community</channel>
|
8 |
<extends/>
|
9 |
<summary>Enable Two Factor Authentication (2FA)- Supports QR code, Soft token, otp over sms).</summary>
|
10 |
-
<description>
|
11 |
-

|
12 |
-
|
13 |
-

|
14 |
-
|
15 |
-
|
16 |
-
|
17 |
-
|
18 |
-
|
19 |
-
|
20 |
-

|
21 |
-

|
22 |
-
|
23 |
-
|
24 |
-

|
25 |
-
|
26 |
-
|
27 |
-
|
28 |
-
|
29 |
-
|
30 |
-
|
31 |
-
|
32 |
-
|
33 |
-
|
34 |
-
|
35 |
-
|
36 |
-
|
37 |
-
|
38 |
-
|
39 |
-
|
40 |
-
|
41 |
-
|
42 |
-
|
43 |
-

|
44 |
-
|
45 |
-

|
46 |
-
|
47 |
-
|
48 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
49 |
<authors><author><name>miniOrange inc.</name><user>miniOrange</user><email>info@miniorange.com</email></author></authors>
|
50 |
-
<date>2015-08-
|
51 |
-
<time>
|
52 |
-
<contents><target name="magecommunity"><dir name="miniOrange"><dir name="2factor"><dir name="Block"><file name="mo2fConfig.php" hash="
|
53 |
<compatible/>
|
54 |
<dependencies><required><php><min>5.3.10</min><max>5.6.11</max></php><extension><name>curl</name><min>7.40.0</min><max>7.44.0</max></extension></required></dependencies>
|
55 |
</package>
|
1 |
<?xml version="1.0"?>
|
2 |
<package>
|
3 |
<name>miniOrange_2factor</name>
|
4 |
+
<version>1.0.3</version>
|
5 |
<stability>stable</stability>
|
6 |
<license uri="http://www.gnu.org/licenses/gpl-2.0.html">GNU General Public License (GPL)</license>
|
7 |
<channel>community</channel>
|
8 |
<extends/>
|
9 |
<summary>Enable Two Factor Authentication (2FA)- Supports QR code, Soft token, otp over sms).</summary>
|
10 |
+
<description>Two-Factor Authentication ( 2 Factor Authentication )
|
11 |
+

|
12 |
+
Why Two-Factor?
|
13 |
+

|
14 |
+
For any application- Identity is the perimeter that needs to be protected better!. Currently this protection is through a password. But passwords aren't enough. 76% of breaches exploit stolen credentials
|
15 |
+

|
16 |
+
Too many passwords to remember, makes it a nightmare for users
|
17 |
+
Passwords are easily lost, stolen, guessed.
|
18 |
+
People use the same password for many accounts
|
19 |
+
So every time you login into your Web site there is a chance that someone is sniffing or logging the password, which can later be used to login to your store. Clearly passwords are not enough for protecting your store. 
|
20 |
+

|
21 |
+
Use Two-Factor Authentication
|
22 |
+

|
23 |
+
The most practical way to strengthen authentication is to require a second factor after the username/password stage. Since a password is something that you know, ensuring that the you can thwart attackers that steal or gain access to your password.
|
24 |
+
miniOrange Two-Factor Authentication Overview
|
25 |
+

|
26 |
+
miniOrange Two-Factor Authentication provides a highly secure & easy to setup Two-Factor Authentication for your Magento store. Rather than relying on a password alone, which can be phished or guessed, miniOrange Two Factor authentication adds a second layer of security to your Magento store. You can protect your store by using miniOrange Two Factor authentication, which combines something you know or something you have (smartphone) to reliably confirm your identity.
|
27 |
+

|
28 |
+
Features/Benefits
|
29 |
+

|
30 |
+
Secure login into your Magento backend
|
31 |
+
With miniOrange Two-Factor Authentication you can can:
|
32 |
+

|
33 |
+
Securely login using our miniOrange Authenticator app
|
34 |
+
Both iPhone and Android phones are supported.
|
35 |
+
If your phone is lost or stolen or discharged, it offers an alternate login method.
|
36 |
+
If your phone is offline, you can use a one time passcode (soft token) generated by app to login.
|
37 |
+
The code generated are time based and keep changin every 30 seconds so even if someone knows your password, they will not be able to login to your backend.
|
38 |
+
Choose 15+ different authentication methods
|
39 |
+
* One time passcodes (OTP) over SMS 
|
40 |
+
* OTP over Email 
|
41 |
+
* OTP over SMS and Email 
|
42 |
+
* Out of Band SMS 
|
43 |
+
* Out of Band Email 
|
44 |
+
* Soft Token 
|
45 |
+
* Push Notification 
|
46 |
+
* USB based Hardware token (yubico) 
|
47 |
+
* Security Questions 
|
48 |
+
* Mobile Authentication 
|
49 |
+
* Voice Authentication (Biometrics) 
|
50 |
+
* Phone Verification 
|
51 |
+
* Device Identification 
|
52 |
+
* Location 
|
53 |
+
* Time of Access 
|
54 |
+
* User Behavior
|
55 |
+

|
56 |
+
Feature phone, landline are also supported. You need to contact info@miniorange.com to enable it. Trusted Device, Location, Time of access and user behavior is also supported. You need to enable this by contacting info@miniorange.com
|
57 |
+

|
58 |
+
For a complete list of authentication methods please visit http://miniorange.com/strong_auth . If you want to have any other 2-factor for your Magento site, Contact us.</p>
|
59 |
+
You can choose from any of the above authentication methods to augment your password based authentication. miniOrange authentication service works with all phone types, from landlines to smart-phone platforms.
|
60 |
+

|
61 |
+
Contact Us
|
62 |
+

|
63 |
+
For support please email us at info@miniorange.com or call us at +1 978 658 9387</description>
|
64 |
+
<notes>==1.0.3==
|
65 |
+
Bug fixes</notes>
|
66 |
<authors><author><name>miniOrange inc.</name><user>miniOrange</user><email>info@miniorange.com</email></author></authors>
|
67 |
+
<date>2015-08-26</date>
|
68 |
+
<time>12:09:56</time>
|
69 |
+
<contents><target name="magecommunity"><dir name="miniOrange"><dir name="2factor"><dir name="Block"><file name="mo2fConfig.php" hash="c186ecae80ba3945783d95712165f26a"/></dir><dir name="Controllers"><dir name="Adminhtml"><file name="IndexController.php" hash="acef2dddf89298d518291c3cdbfd2d48"/><dir name="Login"><file name="miniOrangeController.php" hash="78d1f305733dc764a87229ea4646a479"/></dir></dir></dir><dir name="Helper"><file name="Data.php" hash="f7f6df87285ca0ac36ba34dcfb6ee225"/><file name="mo2fUtility.php" hash="e00199e2e2bf3d0f34c73d801345cb28"/></dir><dir name="Model"><file name="Observer.php" hash="b14c81c7622df4d1ea2276e0d46e36d0"/><file name="Words.php" hash="ee26cc8582d5bbad5632a6e02129f815"/></dir><dir name="etc"><file name="adminhtml.xml" hash="955f9f87d1a5df39eea9fd69379af0ee"/><file name="config.xml" hash="749ad39ccb5acb5637b0a264c9d8be8a"/></dir><dir name="sql"><dir name="MiniOrange_2factor_setup"><file name="mysql4-install-0.0.1.php" hash="d48e85b9510d3a29784e75315b3c8ae4"/></dir></dir></dir></dir></target><target name="magedesign"><dir name="adminhtml"><dir name="default"><dir name="default"><dir name="layout"><file name="miniorange_2factor_admin.xml" hash="49671205b07f54681d1f93fec9ee4d67"/></dir><dir name="template"><dir name="miniorange_2factor"><file name="login.phtml" hash="36f8b7177bafaf4e916b1d9e5f382e50"/><file name="mo2fConfig.phtml" hash="335e3975d294f4f39666913bdbe031fc"/></dir></dir></dir></dir></dir></target><target name="mageetc"><dir name="modules"><file name="miniorange_2factor.xml" hash="609cb91239fb4a89f64ae28d4b5b5398"/></dir></target><target name="mageskin"><dir name="adminhtml"><dir name="default"><dir name="default"><dir name="images"><dir name="MiniOrange_2factor"><file name="appstore.png" hash="1ac5eb0f971fd8cbeac4d3e4449cd9f0"/><file name="arrow.png" hash="47bdba61de621d8ca74c16f6dd5b6565"/><file name="authenticate.png" hash="052bcae5504f3a9c61365ecf8ab0c4e7"/><file name="authvalidate.png" 
hash="a01eaf3a0002b3e7115813fd4e4efe1a"/><file name="cachesetting.png" hash="15942adf97c0d48abdf2c583c94eb4f5"/><file name="clickconfiguremobile.png" hash="3ee49ca9596e3ad507d66aca43466ea3"/><file name="clickconfiguremobile2.png" hash="fc0ff15007ea57e3ceef75235056dc88"/><file name="configurefirsttime.png" hash="c6982bcd3f70080d893e3da11d2a77d8"/><file name="configuremobile.png" hash="013d6599af7a31fb53a895d877ab1ffe"/><file name="forgot-phone.png" hash="64cfe82547e4db88d025346477025cfe"/><file name="forgotphone.png" hash="4272645ec478f1479fc3dc56df5dd89b"/><file name="loggedin.png" hash="70cc5cad9c475ef9420aa3d70bc43102"/><file name="login1.png" hash="c0dce259d0e2e84957ba77c6e2e78abb"/><file name="login2.png" hash="99e2c32c2fd5f9c9acf6a8002e1d44ac"/><file name="login3.png" hash="305c7bbdb97da888970b7225641757f0"/><file name="loginsettings.png" hash="811b9792a0e47f7e483d01a7ded0ccd0"/><file name="mail.png" hash="751f9588f2e2aac3ec47a6b0ebb2fa4d"/><file name="miniorange_logo.png" hash="b1cd21c2deeb5f199fb55de487bf950b"/><file name="mobileconfigurebutton.png" hash="747a6057cd50099e1cb3b5041320bd85"/><file name="mobilescan.png" hash="dec68c53b12944a45140d909af803fdd"/><file name="mobilesuccess.png" hash="d977fd41088cf0677f33e77de13da56c"/><file name="otp.png" hash="74dc1d7644af2013d256852d26bc920b"/><file name="phone-offline.png" hash="81b25f8125b13fd4d96c23a6fa84574e"/><file name="playStore.png" hash="fbca6f8b28d05c3bcd833965289a20c2"/><file name="processing.png" hash="56b1a14bd1558354250a7a232a4d16e7"/><file name="register.png" hash="37be41049f1d79215322a8cf908bf7b3"/><file name="right.png" hash="2321d72c95ee1fd5708199f56f213136"/><file name="savecache.png" hash="cf686304f47b080ec98930be8bb0f869"/><file name="scanqr.png" hash="dc4c1d070d9b336c790cd2d1d5315ee6"/><file name="sendingotp.png" hash="28c93249e717916d0f3c974b1cd2af7d"/><file name="settings.png" hash="a3e0382615d3f19f5a0dab4d4accbf2d"/><file name="softokenmobile.png" 
hash="624d589cdfa031df456e25a2ff034e63"/><file name="softtoken.png" hash="804bd9b0a3a600e6f349a6aa4ea00899"/><file name="sync.png" hash="8fffca24e6184fc3f9af8e20feac430b"/><file name="wrong.png" hash="6bd49538f79c4722610c5535f38213af"/></dir></dir></dir></dir></dir></target></contents>
|
70 |
<compatible/>
|
71 |
<dependencies><required><php><min>5.3.10</min><max>5.6.11</max></php><extension><name>curl</name><min>7.40.0</min><max>7.44.0</max></extension></required></dependencies>
|
72 |
</package>
|