git subrepo commit mailcow/src/mailcow-dockerized
subrepo: subdir: "mailcow/src/mailcow-dockerized"
merged: "308860af"
upstream: origin: "https://github.com/mailcow/mailcow-dockerized.git"
branch: "master"
commit: "3f1a5af8"
git-subrepo: version: "0.4.5"
origin: "???"
commit: "???"
Change-Id: I5d51c14b45db54fe706be40a591ddbfcea50d4b0
diff --git a/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/demo/demo.php b/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/demo/demo.php
index 996dd92..9139381 100644
--- a/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/demo/demo.php
+++ b/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/demo/demo.php
@@ -6,30 +6,46 @@
<body>
<ol>
<?php
- require_once 'loader.php';
- Loader::register('../lib','RobThree\\Auth');
+ // in practice you would require the composer loader if it was not already part of your framework or project
+ spl_autoload_register(function ($className) {
+ include_once str_replace(array('RobThree\\Auth', '\\'), array(__DIR__.'/../lib', '/'), $className) . '.php';
+ });
- use \RobThree\Auth\TwoFactorAuth;
-
- $tfa = new TwoFactorAuth('MyApp');
-
- echo '<li>First create a secret and associate it with a user';
- $secret = $tfa->createSecret(160); // Though the default is an 80 bits secret (for backwards compatibility reasons) we recommend creating 160+ bits secrets (see RFC 4226 - Algorithm Requirements)
- echo '<li>Next create a QR code and let the user scan it:<br><img src="' . $tfa->getQRCodeImageAsDataUri('My label', $secret) . '"><br>...or display the secret to the user for manual entry: ' . chunk_split($secret, 4, ' ');
- $code = $tfa->getCode($secret);
- echo '<li>Next, have the user verify the code; at this time the code displayed by a 2FA-app would be: <span style="color:#00c">' . $code . '</span> (but that changes periodically)';
- echo '<li>When the code checks out, 2FA can be / is enabled; store (encrypted?) secret with user and have the user verify a code each time a new session is started.';
- echo '<li>When aforementioned code (' . $code . ') was entered, the result would be: ' . (($tfa->verifyCode($secret, $code) === true) ? '<span style="color:#0c0">OK</span>' : '<span style="color:#c00">FAIL</span>');
+ // substitute your company or app name here
+ $tfa = new RobThree\Auth\TwoFactorAuth('RobThree TwoFactorAuth');
?>
+ <li>First create a secret and associate it with a user</li>
+ <?php
+ $secret = $tfa->createSecret();
+ ?>
+ <li>
+ Next create a QR code and let the user scan it:<br>
+ <img src="<?php echo $tfa->getQRCodeImageAsDataUri('Demo', $secret); ?>"><br>
+ ...or display the secret to the user for manual entry:
+ <?php echo chunk_split($secret, 4, ' '); ?>
+ </li>
+ <?php
+ $code = $tfa->getCode($secret);
+ ?>
+ <li>Next, have the user verify the code; at this time the code displayed by a 2FA-app would be: <span style="color:#00c"><?php echo $code; ?></span> (but that changes periodically)</li>
+ <li>When the code checks out, 2FA can be / is enabled; store (encrypted?) secret with user and have the user verify a code each time a new session is started.</li>
+ <li>
+ When aforementioned code (<?php echo $code; ?>) was entered, the result would be:
+ <?php if ($tfa->verifyCode($secret, $code) === true) { ?>
+ <span style="color:#0c0">OK</span>
+ <?php } else { ?>
+ <span style="color:#c00">FAIL</span>
+ <?php } ?>
+ </li>
</ol>
<p>Note: Make sure your server-time is <a href="http://en.wikipedia.org/wiki/Network_Time_Protocol">NTP-synced</a>! Depending on the $discrepancy allowed your time cannot drift too much from the users' time!</p>
<?php
- try {
- $tfa->ensureCorrectTime();
- echo 'Your hosts time seems to be correct / within margin';
- } catch (RobThree\Auth\TwoFactorAuthException $ex) {
- echo '<b>Warning:</b> Your hosts time seems to be off: ' . $ex->getMessage();
- }
+ try {
+ $tfa->ensureCorrectTime();
+ echo 'Your hosts time seems to be correct / within margin';
+ } catch (RobThree\Auth\TwoFactorAuthException $ex) {
+ echo '<b>Warning:</b> Your hosts time seems to be off: ' . $ex->getMessage();
+ }
?>
</body>
</html>