Completed
Push — master ( 89ee1f...c82ddc )
by Dmitry
02:01
created

src/controllers/AllowedIpsController.php (1 issue)


<?php
/**
 * Multi-factor authentication for Yii2 projects
 *
 * @link      https://github.com/hiqdev/yii2-mfa
 * @package   yii2-mfa
 * @license   BSD-3-Clause
 * @copyright Copyright (c) 2016-2017, HiQDev (http://hiqdev.com/)
 */
namespace hiqdev\yii2\mfa\controllers;
use hiqdev\yii2\mfa\exceptions\AuthenticationException;
use hiqdev\yii2\mfa\filters\ValidateAuthenticationFilter;
use Yii;
use yii\filters\AccessControl;
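/**
 * Allowed IPs controller.
 *
 * Serves the "not allowed IP" page of the MFA flow and lets a half-authenticated
 * user add the current client IP to their allowed list by confirming a token
 * that was mailed to them.
 */
class AllowedIpsController extends \yii\web\Controller
{
    /**
     * Access filter for this controller.
     *
     * `not-allowed-ip` is reachable only while authentication validation fails;
     * every denied request is redirected to the home page.
     *
     * @return array behavior configuration
     */
    public function behaviors()
    {
        return [
            'access' => [
                'class' => AccessControl::class,
                'only' => ['not-allowed-ip', 'other'],
                'denyCallback' => function () {
                    return $this->goHome();
                },
                'rules' => [
                    [
                        'actions' => ['not-allowed-ip'],
                        'allow' => true,
                        // The arguments the access rule passes to the callback are not
                        // needed here, so the closure declares none.
                        'matchCallback' => function () {
                            $filter = new ValidateAuthenticationFilter();
                            try {
                                $filter->validateAuthentication(Yii::$app->user->identity);
                            } catch (AuthenticationException $e) {
                                // Show this page only when the user has a problem with the IP.
                                // NOTE(review): this catches AuthenticationException itself, so
                                // any failure reported through that type (or a subclass) opens
                                // the page — confirm that only the IP check can throw here.
                                return true;
                            }

                            return false;
                        },
                    ],
                ],
            ],
        ];
    }

    /**
     * Shows the "not allowed IP" page, mails a confirmation token, or confirms one.
     *
     * - `$token === 'send'`: mails an `add-allowed-ip` token bound to the current IP.
     * - any other non-empty `$token`: verifies it against the half user's username,
     *   the action name and the current IP, then appends the IP to `allowed_ips`
     *   and logs the user in.
     * - no token or no half user: renders the `notAllowedIp` view.
     *
     * @param string|null $token `send`, a confirmation token, or null
     * @return mixed redirect response or rendered view
     */
    public function actionNotAllowedIp($token = null)
    {
        // NOTE(review): the value comes from the request component; behind a reverse
        // proxy it is only as trustworthy as the request's trusted-proxy configuration.
        $ip = Yii::$app->request->getUserIP();
        $user = $this->module->getHalfUser();

        if ($user && $token === 'send') {
            // NOTE(review): no throttling is visible here — each such request mails a
            // new token; confirm rate limiting exists elsewhere.
            if (Yii::$app->confirmator->mailToken($user, 'add-allowed-ip', ['ip' => $ip])) {
                Yii::$app->session->setFlash('success', Yii::t('mfa', 'Check your email for further instructions.'));
            } else {
                Yii::$app->session->setFlash('error', Yii::t('mfa', 'Sorry, we are unable to add allowed IP for the user.'));
            }

            return $this->goHome();
        }

        if ($user && $token) {
            $confirmation = Yii::$app->confirmator->findToken($token);

            // Without a usable client IP there is nothing to allow; an empty value
            // would otherwise be written into the allowed list as a blank entry.
            $hasIp = is_string($ip) && $ip !== '';

            if ($hasIp && $confirmation && $confirmation->check([
                'username' => $user->username,
                'action' => 'add-allowed-ip',
                'ip' => $ip,
            ])) {
                // Append only when the IP is not already listed, so confirming the
                // same address again does not grow the list with duplicates.
                $listed = array_map('trim', explode(',', (string) $user->allowed_ips));
                if (!in_array($ip, $listed, true)) {
                    $user->allowed_ips .= $user->allowed_ips ? ',' . $ip : $ip;
                }

                // NOTE(review): the token is not visibly invalidated after use in this
                // method — confirm the confirmator expires or removes it.
                // NOTE(review): login() completes authentication for the half user;
                // confirm no other required factor is skipped on this path.
                if ($user->save() && Yii::$app->user->login($user)) {
                    Yii::$app->session->setFlash('success', Yii::t('mfa', 'Now you are allowed to login from {ip}.', ['ip' => $ip]));

                    return $this->goBack();
                }
            }
            Yii::$app->session->setFlash('error', Yii::t('mfa', 'Sorry, we are unable to add allowed IP for the user.'));

            return $this->goHome();
        }

        return $this->render('notAllowedIp', compact('ip'));
    }
}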