1: | <?php
|
2: | namespace Opencart\catalog\controller\startup;
|
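/**
 * Startup controller that gates requests on the `authorize` cookie token.
 *
 * NOTE(review): the file declares a catalog namespace and exempts `account/*`
 * routes, yet it loads the `user/user` model, reads `$this->user`, and forwards
 * to `common/authorize`. Confirm that this model, this registry object and
 * these routes exist in the catalog application. If they do not, the check
 * cannot work as written.
 */
class Authorize extends \Opencart\System\Engine\Controller {
    /**
     * Decide whether the request may continue or must be sent to an authorize page.
     *
     * Returns null (request continues) when `config_security` is falsy, when the
     * route is on the ignore list, or when the token record has a truthy `status`.
     *
     * @return \Opencart\System\Engine\Action|null `common/authorize` when no record
     *         matches or the record is not approved with at most two attempts,
     *         `common/authorize.unlock` when it is not approved with more than two.
     */
    public function index(): ?\Opencart\System\Engine\Action {
        // Both values are request-controlled. An array-valued parameter
        // (e.g. `route[]=x`) would make a bare (string) cast raise an
        // "Array to string conversion" warning and produce the literal "Array",
        // so anything non-scalar is treated as absent. An empty route is not on
        // the ignore list, which keeps the check enforced.
        $route = $this->request->get['route'] ?? '';
        $route = is_scalar($route) ? (string)$route : '';

        $token = $this->request->cookie['authorize'] ?? '';
        $token = is_scalar($token) ? (string)$token : '';

        // Drop the method suffix (text after the last '.') so the ignore list is
        // matched against the controller path only. Every method of a listed
        // controller is therefore exempt from the check.
        $pos = strrpos($route, '.');

        if ($pos !== false) {
            $route = substr($route, 0, $pos);
        }

        // Routes that must stay reachable without an approved token.
        // NOTE(review): this match is only as reliable as its agreement with the
        // dispatcher's own route normalisation. Verify that both derive the
        // controller path the same way.
        $ignore = [
            'account/login',
            'account/logout',
            'account/forgotten',
            'account/authorize'
        ];

        // Strict comparison: the route must equal a list entry exactly.
        if ($this->config->get('config_security') && !in_array($route, $ignore, true)) {
            $this->load->model('user/user');

            // The cookie value is passed through unchanged. How it is compared
            // against stored tokens is decided inside getAuthorizeByToken(),
            // which is not visible here.
            $token_info = $this->model_user_user->getAuthorizeByToken($this->user->getId(), $token);

            // No record for this user/token pair: ask for authorization.
            if (!$token_info) {
                return new \Opencart\System\Engine\Action('common/authorize');
            }

            // Record exists but is not approved. More than two attempts goes to
            // the unlock flow; everything else goes to the authorize page, so an
            // unapproved record never falls through to the null return.
            if (!$token_info['status']) {
                if ($token_info['attempts'] > 2) {
                    return new \Opencart\System\Engine\Action('common/authorize.unlock');
                }

                return new \Opencart\System\Engine\Action('common/authorize');
            }
        }

        return null;
    }
}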