Welcome to mirror list, hosted at ThFree Co, Russian Federation.

RecoveryCodeDao.php « Dao « TwoFactorAuth « plugins - github.com/matomo-org/matomo.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/plugins/TwoFactorAuth/Dao/RecoveryCodeDao.php
blob: 10b2f6ef702c9662833b120cbb8c9d74f9ee2554 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87

<?php
/**
 * Matomo - free/libre analytics platform
 *
 * @link https://matomo.org
 * @license http://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later
 */
namespace Piwik\Plugins\TwoFactorAuth\Dao;

use Piwik\Common;
use Piwik\Db;

class RecoveryCodeDao
{
    protected $table = 'twofactor_recovery_code';
    protected $tablePrefixed = '';

    /**
     * @var RecoveryCodeRandomGenerator $generator
     */
    private $generator;

    public function __construct(RecoveryCodeRandomGenerator $generator)
    {
        $this->tablePrefixed = Common::prefixTable($this->table);
        $this->generator = $generator;
    }

    public function getPrefixedTableName()
    {
        return $this->tablePrefixed;
    }

    public function createRecoveryCodesForLogin($login)
    {
        $codes = array();
        $this->deleteAllRecoveryCodesForLogin($login);

        for ($i = 0; $i < 10; $i++) {
            $code = $this->generator->generateCode();
            $code = mb_strtoupper($code);
            $this->insertRecoveryCode($login, $code);
            $codes[] = $code;
        }
        return $codes;
    }

    public function insertRecoveryCode($login, $recoveryCode)
    {
        // we do not really care about duplicates as it is very unlikely to happen, that's why we don't even use a
        // unique login,recovery_code index
        $sql = sprintf('INSERT INTO %s (`login`, `recovery_code`) VALUES(?,?)', $this->tablePrefixed);
        Db::query($sql, array($login, $recoveryCode));
    }

    public function useRecoveryCode($login, $recoveryCode)
    {
        if ($this->deleteRecoveryCode($login, $recoveryCode)) {
            return true;
        }
        return false;
    }

    public function getAllRecoveryCodesForLogin($login)
    {
        $sql = sprintf('SELECT recovery_code FROM %s WHERE login = ?', $this->tablePrefixed);
        $rows = Db::fetchAll($sql, array($login));
        $codes = array_column($rows, 'recovery_code');
        return $codes;
    }

    public function deleteRecoveryCode($login, $recoveryCode)
    {
        $sql = sprintf('DELETE FROM %s WHERE login = ? and recovery_code = ?', $this->tablePrefixed);
        $query = Db::query($sql, array($login, $recoveryCode));
        return $query->rowCount();
    }

    public function deleteAllRecoveryCodesForLogin($login)
    {
        $query = sprintf('DELETE FROM %s WHERE login = ?', $this->tablePrefixed);

        Db::query($query, array($login));
    }

}
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-31 03:04:49 +0300