129 lines
		
	
	
	
		
			4.2 KiB
		
	
	
	
		
			PHP
		
	
	
	
	
	
			
		
		
	
	
			129 lines
		
	
	
	
		
			4.2 KiB
		
	
	
	
		
			PHP
		
	
	
	
	
	
| <?php
 | |
| /**
 | |
|  * @copyright Copyright (C) 2010-2022, the Friendica project
 | |
|  *
 | |
|  * @license GNU AGPL version 3 or any later version
 | |
|  *
 | |
|  * This program is free software: you can redistribute it and/or modify
 | |
|  * it under the terms of the GNU Affero General Public License as
 | |
|  * published by the Free Software Foundation, either version 3 of the
 | |
|  * License, or (at your option) any later version.
 | |
|  *
 | |
|  * This program is distributed in the hope that it will be useful,
 | |
|  * but WITHOUT ANY WARRANTY; without even the implied warranty of
 | |
|  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 | |
|  * GNU Affero General Public License for more details.
 | |
|  *
 | |
|  * You should have received a copy of the GNU Affero General Public License
 | |
|  * along with this program.  If not, see <https://www.gnu.org/licenses/>.
 | |
|  *
 | |
|  */
 | |
| 
 | |
| namespace Friendica\Module\Security\TwoFactor;
 | |
| 
 | |
| use Friendica\App;
 | |
| use Friendica\BaseModule;
 | |
| use Friendica\Core\L10n;
 | |
| use Friendica\Core\Renderer;
 | |
| use Friendica\Core\Session\Capability\IHandleSessions;
 | |
| use Friendica\Model\User\Cookie;
 | |
| use Friendica\Module\Response;
 | |
| use Friendica\Network\HTTPException\NotFoundException;
 | |
| use Friendica\Util\Profiler;
 | |
| use Friendica\Security\TwoFactor;
 | |
| use Psr\Log\LoggerInterface;
 | |
| 
 | |
| /**
 | |
|  * Page 4: Logout dialog for trusted browsers
 | |
|  *
 | |
|  * @package Friendica\Module\TwoFactor
 | |
|  */
 | |
| class SignOut extends BaseModule
 | |
| {
 | |
| 	protected $errors = [];
 | |
| 
 | |
| 	/** @var IHandleSessions  */
 | |
| 	protected $session;
 | |
| 	/** @var Cookie  */
 | |
| 	protected $cookie;
 | |
| 	/** @var TwoFactor\Repository\TrustedBrowser  */
 | |
| 	protected $trustedBrowserRepository;
 | |
| 
 | |
| 	public function __construct(L10n $l10n, App\BaseURL $baseUrl, App\Arguments $args, LoggerInterface $logger,  IHandleSessions $session, Cookie $cookie, TwoFactor\Repository\TrustedBrowser $trustedBrowserRepository, Profiler $profiler, Response $response, array $server, array $parameters = [])
 | |
| 	{
 | |
| 		parent::__construct($l10n, $baseUrl, $args, $logger, $profiler, $response, $server, $parameters);
 | |
| 
 | |
| 		$this->session                  = $session;
 | |
| 		$this->cookie                   = $cookie;
 | |
| 		$this->trustedBrowserRepository = $trustedBrowserRepository;
 | |
| 	}
 | |
| 
 | |
| 	protected function post(array $request = [])
 | |
| 	{
 | |
| 		if (!local_user() || !($this->cookie->get('2fa_cookie_hash'))) {
 | |
| 			return;
 | |
| 		}
 | |
| 
 | |
| 		$action = $request['action'] ?? '';
 | |
| 
 | |
| 		if (!empty($action)) {
 | |
| 			self::checkFormSecurityTokenRedirectOnError('2fa', 'twofactor_signout');
 | |
| 
 | |
| 			switch ($action) {
 | |
| 				case 'trust_and_sign_out':
 | |
| 					$trusted = $this->cookie->get('2fa_cookie_hash');
 | |
| 					$this->cookie->reset(['2fa_cookie_hash' => $trusted]);
 | |
| 					$this->session->clear();
 | |
| 
 | |
| 					info($this->t('Logged out.'));
 | |
| 					$this->baseUrl->redirect();
 | |
| 					break;
 | |
| 				case 'sign_out':
 | |
| 					$this->trustedBrowserRepository->removeForUser(local_user(), $this->cookie->get('2fa_cookie_hash'));
 | |
| 					$this->cookie->clear();
 | |
| 					$this->session->clear();
 | |
| 
 | |
| 					info($this->t('Logged out.'));
 | |
| 					$this->baseUrl->redirect();
 | |
| 					break;
 | |
| 				default:
 | |
| 					$this->baseUrl->redirect();
 | |
| 			}
 | |
| 		}
 | |
| 	}
 | |
| 
 | |
| 	protected function content(array $request = []): string
 | |
| 	{
 | |
| 		if (!local_user() || !($this->cookie->get('2fa_cookie_hash'))) {
 | |
| 			$this->baseUrl->redirect();
 | |
| 		}
 | |
| 
 | |
| 		try {
 | |
| 			$trustedBrowser = $this->trustedBrowserRepository->selectOneByHash($this->cookie->get('2fa_cookie_hash'));
 | |
| 			if (!$trustedBrowser->trusted) {
 | |
| 				$trusted = $this->cookie->get('2fa_cookie_hash');
 | |
| 				$this->cookie->reset(['2fa_cookie_hash' => $trusted]);
 | |
| 				$this->session->clear();
 | |
| 
 | |
| 				info($this->t('Logged out.'));
 | |
| 				$this->baseUrl->redirect();
 | |
| 			}
 | |
| 		} catch (TwoFactor\Exception\TrustedBrowserNotFoundException $exception) {
 | |
| 			$this->cookie->clear();
 | |
| 			$this->session->clear();
 | |
| 
 | |
| 			info($this->t('Logged out.'));
 | |
| 			$this->baseUrl->redirect();
 | |
| 		}
 | |
| 
 | |
| 		return Renderer::replaceMacros(Renderer::getMarkupTemplate('twofactor/signout.tpl'), [
 | |
| 			'$form_security_token' => self::getFormSecurityToken('twofactor_signout'),
 | |
| 
 | |
| 			'$title'                    => $this->t('Sign out of this browser?'),
 | |
| 			'$message'                  => $this->t('<p>If you trust this browser, you will not be asked for verification code the next time you sign in.</p>'),
 | |
| 			'$sign_out_label'           => $this->t('Sign out'),
 | |
| 			'$cancel_label'             => $this->t('Cancel'),
 | |
| 			'$trust_and_sign_out_label' => $this->t('Trust and sign out'),
 | |
| 		]);
 | |
| 	}
 | |
| }
 |