
Maj login Authenticator

stany.ferer 1 rok temu
rodzic
commit
f2e1a9957c

+ 12 - 0
access.inc.php

@@ -1,5 +1,16 @@
 <?php
     // Droits par profil
+
+    define("NOT_CONNECTED", array(
+        "json" => array(
+            "authenticator",
+            "login",
+        ),
+        "submit" => array(
+            "login",
+        ))
+    );
+
     define("ACCESS_WHITE", array(
         "page" => array(
             "login",
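Review bot: `NOT_CONNECTED` is added under the existing `// Droits par profil` comment with nothing saying that it is the allowlist of actions served before login, which makes it the most security-sensitive list in this file. A comment directly above the `define`, such as `// Actions reachable WITHOUT an authenticated session - keep this list minimal`, would make that explicit. Also, "authenticator" is listed under "json" while the handler added in this commit lives in core/submit/, and the gate in core/controllers/cms.session.php tests both lists together, so the split by type does not currently restrict anything; it is worth aligning the entry with the type that actually dispatches it.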
@@ -13,6 +24,7 @@
             "logout",
         ),
         "submit" => array(
+            "authenticator",
             "login",
             "logout"
         ))

+ 5 - 0
core/class/session.class.php

@@ -70,6 +70,11 @@ class session
         return FALSE;
     }
 
+    public static function accessNotConnected(string $_element, string $_type)
+    {
+        return (in_array($_element, NOT_CONNECTED[$_type])) ? TRUE : FALSE;
+    }
+
     private static function elementWhite(string $_element, string $_type)
     {
         return (in_array($_element, ACCESS_WHITE[$_type])) ? TRUE : FALSE;
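Review bot: `accessNotConnected()` indexes `NOT_CONNECTED[$_type]` without checking that the key exists and calls `in_array()` without the strict flag. `NOT_CONNECTED` in access.inc.php only defines "json" and "submit", so any other `$_type` produces an undefined-key warning and, on PHP 8, a TypeError from `in_array()`. Because this method decides what an unauthenticated visitor may reach, it should fail closed and return a typed bool: `return in_array($_element, NOT_CONNECTED[$_type] ?? [], true);` with `: bool` on the signature. The `elementWhite()` shown as context has the same shape, and its body continues outside the hunk.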

+ 9 - 0
core/class/user.class.php

@@ -63,6 +63,15 @@ class user {
         return db::single()["googleAuthenticatorSecret"];
     }
 
+    public static function checkGoogleAuthenticator(string $_email){
+        db::query("SELECT "
+                . "" . DB_T_USER . ".googleAuthenticator "
+                . "FROM " . DB_T_USER . " "
+                . "WHERE " . DB_T_USER . ".email = :email");
+        db::bind(':email', $_email);
+        return db::single()["googleAuthenticator"];
+    }
+
     public static function connect(array $_input) {
         $return = NULL;
         if (isset($_input["email"]) AND isset($_input["password"])) {
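Review bot: `checkGoogleAuthenticator()` indexes the result of `db::single()` directly, so an e-mail with no matching row is not handled. What `db::single()` returns in that case is not visible here, but if it is `false` or `null` the array access yields `null` with a warning, and the caller echoes that to the client. I would normalise the result and declare the return type: `$row = db::single();` followed by `return is_array($row) ? (int) $row["googleAuthenticator"] : 0;`, with `: int` on the signature and a short docblock saying the method is called before authentication. The `:email` binding keeps the query parameterised, which should stay as it is; `connect()` continues outside the hunk.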

+ 6 - 3
core/controllers/cms.session.php

@@ -1,8 +1,11 @@
 <?php
 
-if (!session::isConnect()) { // Si non logué
-    if (core::getPost("from") != "login") {
+if (!session::isConnect()) { // Si non log
+    if (
+        (core::ifPost("from") AND session::accessNotConnected(core::getPost("from"), "json") == FALSE) AND 
+        (core::ifPost("from") AND session::accessNotConnected(core::getPost("from"), "submit") == FALSE) 
+    ) {
         header('Location: ./');
         exit();
     } 
-}
+}
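Review bot: The new condition redirects only when `from` is present in POST, so an unauthenticated request that carries no `from` field now passes this gate. The removed test `core::getPost("from") != "login"` would presumably have redirected it, depending on what `getPost()` returns for a missing field. A pre-login gate should deny by default: `$from = core::ifPost("from") ? core::getPost("from") : null;` then `if ($from === null || !(session::accessNotConnected($from, "json") || session::accessNotConnected($from, "submit"))) {`. Views touched in this same commit link to `/submit.php?from=...` through the query string, so it is worth confirming that the dispatcher and this gate read `from` from the same source. The inline comment also lost characters ("Si non log").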

+ 4 - 0
core/submit/cms.authenticator.php

@@ -0,0 +1,4 @@
+<?php 
+if (core::ifPost("from") AND core::getPost("from") == "authenticator") {
+    echo user::checkGoogleAuthenticator(core::getPost("email"));
+}
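Review bot: This handler is reachable without a session ("authenticator" is in `NOT_CONNECTED`) and echoes the stored `googleAuthenticator` flag for whatever e-mail is posted. It therefore discloses, before any password check, which accounts have the second factor enabled and, depending on what is returned for an unknown address, possibly which addresses exist. Consider not exposing per-account state at this stage, for example by always rendering the code field or by having the login handler ask for the code only after the password has been verified, and rate-limit the endpoint in either case. `core::getPost("email")` is also passed to a `string` parameter without a presence check, and the client requests `dataType: "json"`, so `echo json_encode((int) user::checkGoogleAuthenticator((string) core::getPost("email")));` with `===` on the `from` comparison would be more robust.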

+ 32 - 6
core/views/pages/cms.login.php

@@ -31,18 +31,44 @@
                     <img src="img/logo.png" id="icon" alt="CSE Invent" />
                 </div>
 
-                <form method="post" action="/submit.php">
+                <form method="post" action="/submit.php" id="form-authent">
                     <input type="hidden" name="from" value="login">
-                    <input type="text" class="fadeIn second" name="email" placeholder="email">
-                    <input type="password" class="fadeIn third" name="password" placeholder="mot de passe">
-                    <input type="text" class="fadeIn third" name="authenticator" maxlength="6" placeholder="Code Google Authenticator">
-                    <input type="submit" class="fadeIn fourth" value="Se connecter">
+                    <input type="text" class="fadeIn second" name="email" id="email" placeholder="email" required>
+                    <input type="password" class="fadeIn third" name="password" placeholder="mot de passe" required>
+                    <input type="text" class="third" style="display:none;" name="authenticator" id="authenticator" maxlength="6" placeholder="Code Google Authenticator">
+                    <input type="button" class="fadeIn fourth" id="submit-authent" value="Se connecter">
                 </form>
                 
                 <div id="formFooter"<?php if(!alert::ifError()) { echo ' style="display:none"'; } ?>>
-                    <div class="alert alert-danger" role="alert" ><?php echo alert::printAlert(alert::getError()) ?></div>
+                    <div class="alert alert-danger" role="alert"><?php if(alert::ifError()) { echo alert::printAlert(alert::getError()); } ?></div>
                 </div>
 
+                <script>
+                        $("#submit-authent").on("click", function() {
+                            var formData = {
+                                email: $("#email").val(),
+                                from: "authenticator",
+                            };
+
+                            $.ajax({
+                                type: "POST",
+                                url: "submit.php",
+                                data: formData,
+                                dataType: "json",
+                                encode: true,
+                            }).done(function (data) {
+                                if(data == 1){ 
+                                    $("#authenticator").show();
+                                    $("#authenticator").prop("required", true);
+                                    $('#submit-authent').attr('type', 'submit');
+                                } else {   
+                                    $("#form-authent").submit();
+                                }
+                            }).fail(function () {
+                                console.log(data);
+                            });
+                        });
+                </script>
             </div>
         </div>
         <?php pwa::printServiceWorker(); ?>
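Review bot: The `.fail()` callback logs `data`, which is not in scope there, so any failed or non-JSON response raises a ReferenceError and leaves the user on a button that does nothing. Give the callback its own arguments and a usable fallback, e.g. `.fail(function (jqXHR, textStatus) { console.log(textStatus); $("#authenticator").show(); $("#submit-authent").attr("type", "submit"); });`. Showing or hiding the code field here is only presentation: the login handler must still reject a missing or wrong code for accounts that have the authenticator enabled. That check is in `user::connect()`, which is not part of this hunk, so please confirm it does not depend on the field having been displayed.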

+ 22 - 23
core/views/pages/cms.parametres-restore.php

@@ -1,32 +1,31 @@
 
-<div style="margin-top:60px;">
+<div style="margin-top:20px;">
 
-    <a href="/submit.php?from=parametres-add-backup" style="position:absolute; right:25px; margin-top:-55px;">
+    <a href="/submit.php?from=parametres-add-backup" style="position:absolute; right:25px; margin-top:-60px;">
         <button type="submit" class="btn btn-outline-success btn-sm">
         <span data-feather="plus-square"></span> Créer un nouveau backup</button>
     </a>
-
-    <div>
-        <table 
-            id="table" 
-            class="table-striped table-hover table-sm" 
-            data-toggle="table" 
-            data-sort-name="date" 
-            data-sort-order="desc" 
-            data-url="/json.php?jsonData=parametres-restore">
-            <thead>
-                <tr>
-                    <th data-formatter="downloadFile" data-field="file" data-filter-control="input" data-align="left">Nom</th>
-                    <th data-field="size" data-filter-control="input" data-width="100">Taille</th>
-                    <th data-field="date" data-filter-control="input" data-width="170">Date de création</th>
-                    <th data-formatter="restoreBackup" data-width="110"></th>
-                    <th data-formatter="deleteBackup" data-width="10"></th>
-                </tr>
-            </thead>
-        </table>
-    </div>
-
 </div>
+<div>
+    <table 
+        id="table" 
+        class="table-striped table-hover table-sm" 
+        data-toggle="table" 
+        data-sort-name="date" 
+        data-sort-order="desc" 
+        data-url="/json.php?jsonData=parametres-restore">
+        <thead>
+            <tr>
+                <th data-formatter="downloadFile" data-field="file" data-filter-control="input" data-align="left">Nom</th>
+                <th data-field="size" data-filter-control="input" data-width="100">Taille</th>
+                <th data-field="date" data-filter-control="input" data-width="170">Date de création</th>
+                <th data-formatter="restoreBackup" data-width="110"></th>
+                <th data-formatter="deleteBackup" data-width="10"></th>
+            </tr>
+        </thead>
+    </table>
+</div>
+
 
 <script>
     function downloadFile(value, row) {

+ 10 - 12
core/views/pages/cms.parametres-users.php

@@ -2,14 +2,13 @@
     json::create("users");
 ?>
 
-<div style="margin-top:60px;">
-
-    <a href="/?p=user&add=1" style="position:absolute; right:25px; margin-top:-55px;">
+<div style="margin-top:20px;">
+    <a href="/?p=user&add=1" style="position:absolute; right:25px; margin-top:-60px;">
     <button type="submit" class="btn btn-outline-success btn-sm">
         <span data-feather="plus-square"></span> Ajouter un utilisateur</button>
     </a>
-
-    <div>
+</div>
+<div>
         <table
             id="table"
             class="table-striped table-hover table-sm" 
@@ -32,13 +31,12 @@
                 </tr>
             </thead>
         </table> 
-    </div>
+</div>
 
-    <script>
-            function selectUser(value, row) { 
-                return '<a href="/user-' + row.id + '.html"><button type="submit" class="btn btn-outline-primary btn-sm">Administrer</button></a>';
+<script>
+        function selectUser(value, row) { 
+            return '<a href="/user-' + row.id + '.html"><button type="submit" class="btn btn-outline-primary btn-sm">Administrer</button></a>';
 
-            }
-    </script>
+        }
+</script>
 
-</div>

+ 25 - 65
core/views/pages/cms.parametres.php

@@ -19,83 +19,43 @@ echo core::filAriane(array(
 ));
 ?>
 
-
-<br />
-    <ul class="nav nav-tabs" id="event-fiche" role="tablist">
-        <li class="nav-item">
-            <a class="nav-link active" data-toggle="tab" id="general-tab" role="tab" aria-selected="true">Général</a>
-        </li>
-        <li class="nav-item">
-            <a class="nav-link" data-toggle="tab" id="users-tab" role="tab" aria-selected="">Utilisateurs</a>
-        </li>
-        <li class="nav-item">
-            <a class="nav-link" data-toggle="tab" id="backup-tab" role="tab" aria-selected="">Backup & restauration</a>
-        </li> 
-        <li class="nav-item">
-            <a class="nav-link" data-toggle="tab" id="maj-tab" role="tab" aria-selected="">Mise à jour</a>
-        </li>
-        <li class="nav-item">
-            <a class="nav-link" data-toggle="tab" id="debug-tab" role="tab" aria-selected="">Debug & développement</a>
-        </li>
-    </ul>
-<br />
+<ul class="nav nav-tabs" id="tab-parametres" role="tablist" style="margin-bottom:20px;">
+    <li><a class="nav-link active" href="#parametres-general">Général</a></li>
+    <li><a class="nav-link" href="#parametres-users">Utilisateurs</a></li>
+    <li><a class="nav-link" href="#parametres-restore">Backup & restauration</a></li>
+    <li><a class="nav-link" href="#parametres-maj">Mise à jour</a></li>
+    <li><a class="nav-link" href="#parametres-debug">Debug & développement</a></li>
+</ul>
 
 <div class="tab-content">
-    <div id="tab-general"> 
-        <?php get::page("parametres-general") ?> 
+    <div id="parametres-general" class="tab-pane fade in active show">
+        <?php get::page("parametres-general") ?>
     </div>
-    <div id="tab-users" style="display: none;">
+    <div id="parametres-users" class="tab-pane fade">
         <?php get::page("parametres-users") ?>
     </div>
-    <div id="tab-backup" style="display: none;">
+    <div id="parametres-restore" class="tab-pane fade">
         <?php get::page("parametres-restore") ?>
     </div>
-    <div id="tab-debug" style="display: none;">
-        <?php get::page("parametres-debug") ?>
-    </div>
-    <div id="tab-maj" style="display: none;">
+    <div id="parametres-maj" class="tab-pane fade">
         <?php get::page("parametres-maj") ?>
     </div>
+    <div id="parametres-debug" class="tab-pane fade">
+        <?php get::page("parametres-debug") ?>
+    </div>
 </div>
 
+
 <script>
-    $(document).ready(function(){
-        $("#general-tab").click(function() {
-            $("#tab-general").show();
-            $("#tab-users").hide();
-            $("#tab-backup").hide();
-            $("#tab-debug").hide();
-            $("#tab-maj").hide();
-        }); 
-        $("#users-tab").click(function() {
-            $("#tab-general").hide();
-            $("#tab-users").show();
-            $("#tab-backup").hide();
-            $("#tab-debug").hide();
-            $("#tab-maj").hide();
-        });  
-        $("#backup-tab").click(function() {
-            $("#tab-general").hide();
-            $("#tab-users").hide();
-            $("#tab-backup").show();
-            $("#tab-debug").hide();
-            $("#tab-maj").hide();
-        });
-        $("#debug-tab").click(function() {
-            $("#tab-general").hide();
-            $("#tab-users").hide();
-            $("#tab-backup").hide();
-            $("#tab-debug").show();
-            $("#tab-maj").hide();
-        });
-        $("#maj-tab").click(function() {
-            $("#tab-general").hide();
-            $("#tab-users").hide();
-            $("#tab-backup").hide();
-            $("#tab-debug").hide();
-            $("#tab-maj").show();
-        });
-    })
+$(document).ready(function(){
+    $("#tab-parametres a").click(function(){
+        $(this).tab('show');
+    });
+    $('#tab-parametres a').on('shown.bs.tab', function(event){
+        var x = $(event.target).text();
+        var y = $(event.relatedTarget).text();
+    });
+});
 </script>
 
 <style>
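Review bot: The `shown.bs.tab` handler in the new script assigns `x` and `y` and never uses them, so it is dead code and can be dropped. The click handler also does not cancel the default action of the `href="#parametres-..."` anchors, so the page may jump to the fragment; `$("#tab-parametres a").on("click", function (e) { e.preventDefault(); $(this).tab("show"); });` avoids that. The new links no longer carry the `role="tab"` and `aria-selected` attributes that the removed markup had, which is worth restoring for accessibility.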

+ 0 - 1
public-events/submit.php

@@ -1,7 +1,6 @@
 <?php
 
 session_start();
-
 require_once "../env.inc.php";
 require_once "../access.inc.php";
 require_once "../conf.inc.php";