1: | <?php
|
2: | namespace Opencart\Admin\Controller\Startup;
|
|
/**
 * Startup controller that gates admin routes behind the two-factor
 * "authorize" step.
 *
 * When the `config_user_2fa` setting is enabled and the requested route is
 * not on the exemption list, the token from the `authorize` cookie is looked
 * up for the current user and the request is redirected to the authorize or
 * unlock action if that token is missing or not yet approved.
 */
class Authorize extends \Opencart\System\Engine\Controller {
	/**
	 * Decide whether the current request must be diverted to the 2FA flow.
	 *
	 * @return \Opencart\System\Engine\Action|null An action for
	 *         `common/authorize` or `common/authorize.unlock` when the token
	 *         is absent or unapproved; null otherwise (presumably this lets
	 *         the requested route run - confirm against the startup dispatcher).
	 */
	public function index(): ?\Opencart\System\Engine\Action {
		// Both values are client-controlled; they are only cast to string here.
		$route = (string)($this->request->get['route'] ?? '');
		$token = (string)($this->request->cookie['authorize'] ?? '');

		// Drop everything from the last '.' onwards so that "path.method"
		// is compared against the exemption list by its path part only.
		$dot = strrpos($route, '.');

		if ($dot !== false) {
			$route = substr($route, 0, $dot);
		}

		// Routes listed here are never subject to the 2FA check. Every entry
		// is reachable without an approved token, so keep the list minimal.
		$ignore = [
			'common/login',
			'common/logout',
			'common/forgotten',
			'common/authorize'
		];

		// Nothing to enforce when 2FA is switched off or the route is exempt.
		// The membership test is a loose in_array(); both sides are strings.
		if (!$this->config->get('config_user_2fa') || in_array($route, $ignore)) {
			return null;
		}

		$this->load->model('user/user');

		// The lookup is scoped to the current user's id as well as the token.
		// NOTE(review): getAuthorizeByToken() is not visible here - confirm it
		// escapes/parameterises $token and what getId() yields when no user
		// is logged in.
		$token_info = $this->model_user_user->getAuthorizeByToken($this->user->getId(), $token);

		// No record for this user/token pair: the device must be authorized.
		if (!$token_info) {
			return new \Opencart\System\Engine\Action('common/authorize');
		}

		if (!$token_info['status']) {
			$attempts = $token_info['attempts'];

			// Unapproved token with at most 2 recorded attempts: prompt again.
			if ($attempts <= 2) {
				return new \Opencart\System\Engine\Action('common/authorize');
			}

			// Unapproved token with more than 2 attempts: send to the unlock step.
			if ($attempts > 2) {
				return new \Opencart\System\Engine\Action('common/authorize.unlock');
			}
		}

		return null;
	}
}
|