2017-01-21 01:54:30 +03:00
|
|
|
<?php
|
|
|
|
|
namespace api\validators;
|
|
|
|
|
|
|
|
|
|
use common\helpers\Error as E;
|
|
|
|
|
use common\models\Account;
|
|
|
|
|
use OTPHP\TOTP;
|
2017-08-08 20:18:44 +03:00
|
|
|
use RangeException;
|
2017-01-21 01:54:30 +03:00
|
|
|
use Yii;
|
|
|
|
|
use yii\base\InvalidConfigException;
|
|
|
|
|
use yii\validators\Validator;
|
|
|
|
|
|
|
|
|
|
class TotpValidator extends Validator {
|
|
|
|
|
|
2024-12-02 15:10:55 +05:00
|
|
|
public ?Account $account = null;
|
2017-01-21 01:54:30 +03:00
|
|
|
|
2017-02-22 01:49:24 +03:00
|
|
|
/**
|
2019-07-15 01:59:56 +03:00
|
|
|
* @var int|callable|null Allows you to set the exact time against which the validation will be performed.
|
|
|
|
|
* It may be the unix time or a function returning a unix time.
|
|
|
|
|
* If not specified, the current time will be used.
|
2017-02-22 01:49:24 +03:00
|
|
|
*/
|
2024-12-02 15:10:55 +05:00
|
|
|
public mixed $timestamp = null;
|
2017-02-22 01:49:24 +03:00
|
|
|
|
2017-01-21 01:54:30 +03:00
|
|
|
public $skipOnEmpty = false;
|
|
|
|
|
|
2024-12-02 15:10:55 +05:00
|
|
|
/**
|
|
|
|
|
* @throws InvalidConfigException
|
|
|
|
|
*/
|
|
|
|
|
public function init(): void {
|
2017-01-21 01:54:30 +03:00
|
|
|
parent::init();
|
|
|
|
|
if ($this->account === null) {
|
|
|
|
|
$this->account = Yii::$app->user->identity;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!$this->account instanceof Account) {
|
|
|
|
|
throw new InvalidConfigException('account should be instance of ' . Account::class);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (empty($this->account->otp_secret)) {
|
|
|
|
|
throw new InvalidConfigException('account should have not empty otp_secret');
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2024-12-02 15:10:55 +05:00
|
|
|
protected function validateValue($value): ?array {
|
2017-08-08 20:18:44 +03:00
|
|
|
try {
|
|
|
|
|
$totp = TOTP::create($this->account->otp_secret);
|
2024-12-02 15:10:55 +05:00
|
|
|
if (!$totp->verify((string)$value, $this->getTimestamp(), $totp->getPeriod() - 1)) {
|
2017-09-06 20:17:52 +03:00
|
|
|
return [E::TOTP_INCORRECT, []];
|
2017-08-08 20:18:44 +03:00
|
|
|
}
|
2024-12-02 15:10:55 +05:00
|
|
|
} catch (RangeException) {
|
2017-09-06 20:17:52 +03:00
|
|
|
return [E::TOTP_INCORRECT, []];
|
2017-01-21 01:54:30 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return null;
|
|
|
|
|
}
|
|
|
|
|
|
2017-02-22 01:49:24 +03:00
|
|
|
private function getTimestamp(): ?int {
|
2017-02-23 02:18:25 +03:00
|
|
|
$timestamp = $this->timestamp;
|
|
|
|
|
if (is_callable($timestamp)) {
|
|
|
|
|
$timestamp = call_user_func($this->timestamp);
|
2017-02-22 01:49:24 +03:00
|
|
|
}
|
|
|
|
|
|
2017-02-23 02:18:25 +03:00
|
|
|
if ($timestamp === null) {
|
|
|
|
|
return null;
|
2017-02-22 01:49:24 +03:00
|
|
|
}
|
|
|
|
|
|
2017-02-23 02:18:25 +03:00
|
|
|
return (int)$timestamp;
|
2017-02-22 01:49:24 +03:00
|
|
|
}
|
|
|
|
|
|
2017-01-21 01:54:30 +03:00
|
|
|
}
|
