1 | <?php |
||
2 | /** |
||
3 | * Multi-factor authentication for Yii2 projects |
||
4 | * |
||
5 | * @link https://github.com/hiqdev/yii2-mfa |
||
6 | * @package yii2-mfa |
||
7 | * @license BSD-3-Clause |
||
8 | * @copyright Copyright (c) 2016-2017, HiQDev (http://hiqdev.com/) |
||
9 | */ |
||
10 | |||
11 | namespace hiqdev\yii2\mfa\controllers; |
||
12 | |||
13 | use hiqdev\yii2\mfa\exceptions\AuthenticationException; |
||
14 | use hiqdev\yii2\mfa\filters\ValidateAuthenticationFilter; |
||
15 | use Yii; |
||
16 | use yii\filters\AccessControl; |
||
17 | |||
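/**
 * Allowed IPs controller.
 *
 * Serves the "not allowed IP" page and the e-mail confirmation flow that
 * appends the requester's current IP to the `allowed_ips` attribute of the
 * user returned by the module's getHalfUser().
 */
class AllowedIpsController extends \yii\web\Controller
{
    /**
     * Restricts the `not-allowed-ip` action with an AccessControl filter.
     *
     * The filter applies only to the `not-allowed-ip` and `other` action ids.
     * Any denied request is redirected to the home page.
     *
     * @return array behavior configuration
     */
    public function behaviors()
    {
        return [
            'access' => [
                'class' => AccessControl::class,
                // NOTE(review): 'other' has no action in this class and no rule below,
                // so a request for it always ends in denyCallback.
                'only' => ['not-allowed-ip', 'other'],
                'denyCallback' => function () {
                    return $this->goHome();
                },
                'rules' => [
                    [
                        'actions' => ['not-allowed-ip'],
                        'allow' => true,
                        // Yii passes ($rule, $action) to this callback; neither is needed,
                        // so the previously unused (and misnamed) parameter is dropped.
                        'matchCallback' => function () {
                            $filter = new ValidateAuthenticationFilter();
                            try {
                                // NOTE(review): this validates Yii::$app->user->identity, while the
                                // action itself works on getHalfUser(); identity is null for a
                                // guest, so confirm the filter handles that case as intended.
                                $filter->validateAuthentication(Yii::$app->user->identity);
                            } catch (AuthenticationException $e) {
                                // Show this page only when the user has problems with IP.
                                // NOTE(review): the catch is on the base AuthenticationException,
                                // so which failures land here depends on what the filter
                                // throws; confirm it is limited to the IP check.
                                return true;
                            }

                            return false;
                        },
                    ],
                ],
            ],
        ];
    }

    /**
     * Shows the "not allowed IP" page, mails a confirmation token, or confirms one.
     *
     * - no token: renders the `notAllowedIp` view with the current IP;
     * - token `send`: mails an `add-allowed-ip` token bound to the current IP;
     * - any other token: checks it against username, action and current IP and,
     *   on success, appends the IP to `allowed_ips`, saves and logs the user in.
     *
     * NOTE(review): the IP is whatever the request component reports; behind a
     * proxy that depends on the application's trusted-proxy configuration.
     * NOTE(review): the `send` branch sends mail from a plain request parameter;
     * nothing in this controller restricts the HTTP verb or rate of such requests.
     *
     * @param string|null $token `send`, a confirmation token, or null
     * @return mixed redirect response or rendered view
     */
    public function actionNotAllowedIp($token = null)
    {
        $ip = Yii::$app->request->getUserIP();
        $user = $this->module->getHalfUser();

        if ($user && $token === 'send') {
            // An unavailable IP (null) cannot be bound to a token, so treat it as a failure.
            if ($ip !== null && Yii::$app->confirmator->mailToken($user, 'add-allowed-ip', ['ip' => $ip])) {
                Yii::$app->session->setFlash('success', Yii::t('mfa', 'Check your email for further instructions.'));
            } else {
                Yii::$app->session->setFlash('error', Yii::t('mfa', 'Sorry, we are unable to add allowed IP for the user.'));
            }

            return $this->goHome();
        }

        if ($user && $token) {
            $token = Yii::$app->confirmator->findToken($token);
            // The token must match the same user, action and IP it was issued for.
            if ($ip !== null && $token && $token->check([
                'username' => $user->username,
                'action' => 'add-allowed-ip',
                'ip' => $ip,
            ])) {
                // Skip the append when the IP is already listed, so a re-used
                // confirmation link does not grow the list with duplicates.
                $listed = array_filter(array_map('trim', explode(',', (string) $user->allowed_ips)), 'strlen');
                if (!in_array($ip, $listed, true)) {
                    $user->allowed_ips .= $user->allowed_ips ? ',' . $ip : $ip;
                }

                // NOTE(review): the token is not invalidated here; confirm the
                // confirmator component enforces expiry or single use.
                if ($user->save() && Yii::$app->user->login($user)) {
                    Yii::$app->session->setFlash('success', Yii::t('mfa', 'Now you are allowed to login from {ip}.', ['ip' => $ip]));

                    return $this->goBack();
                }
            }
            Yii::$app->session->setFlash('error', Yii::t('mfa', 'Sorry, we are unable to add allowed IP for the user.'));

            return $this->goHome();
        }

        return $this->render('notAllowedIp', compact('ip'));
    }
}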
||
88 |
This check looks for parameters that have been defined for a function or method, but which are not used in the method body.