TotpController::goBack() - Code Metrics - Inspection of "fixed go back action while totp check (#9)" - hiqdev/yii2-mfa - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 92c5a8...82641d )

by Dmitry

created 2020-01-17 17:20 UTC

TotpController::goBack() A

↳ Parent: TotpController

Complexity

Conditions	2
Paths	2

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	0
CRAP Score	6

Importance

Changes

Metric	Value
dl	0
loc	9
ccs	0
cts	0
cp	0
rs	9.9666
c	0
b	0
f	0
cc	2
nc	2
nop	1
crap	6

<?php
/**
 * Multi-factor authentication for Yii2 projects
 *
 * @link      https://github.com/hiqdev/yii2-mfa
 * @package   yii2-mfa
 * @license   BSD-3-Clause
 * @copyright Copyright (c) 2016-2018, HiQDev (http://hiqdev.com/)
 */

namespace hiqdev\yii2\mfa\controllers;

use hiqdev\yii2\mfa\forms\InputForm;
use Yii;
use yii\filters\AccessControl;

/**
 * TOTP controller.
 * Time-based One Time Password.
 */
class TotpController extends \yii\web\Controller
{
    public function behaviors()
    {
        return array_merge(parent::behaviors(), [
            'access' => [
                'class' => AccessControl::class,
                'denyCallback' => [$this, 'denyCallback'],
                'rules' => [
                    // ? - guest
                    [
                        'actions' => ['check'],
                        'roles' => ['?'],
                        'allow' => true,
                    ],
                    // @ - authenticated
                    [
                        'actions' => ['enable', 'disable', 'toggle'],
                        'roles' => ['@'],
                        'allow' => true,
                    ],
                ],
            ],
        ]);
    }

    public function denyCallback()
    {
        return $this->goHome();
    }

    public function actionEnable($back = null)
    {
        $user = Yii::$app->user->identity;
        if ($user->totp_secret) {

            Yii::$app->session->setFlash('error', Yii::t('mfa', 'Two-factor authentication is already enabled. Disable first.'));

            return empty($back) ? $this->goHome() : $this->deferredRedirect($back);
        }

        $model = new InputForm();
        $secret = $this->module->getTotp()->getSecret();

        if ($model->load(Yii::$app->request->post()) && $model->validate()) {
            if ($this->module->getTotp()->verifyCode($secret, $model->code)) {
                $user->totp_secret = $secret;
                $this->module->getTotp()->setIsVerified(true);
                if ($user->save() && Yii::$app->user->login($user)) {
                    Yii::$app->session->setFlash('success', Yii::t('mfa', 'Two-factor authentication successfully enabled.'));

                    return empty($back) ? $this->goBack() : $this->deferredRedirect($back);
                } else {

                    Yii::$app->session->setFlash('error', Yii::t('mfa', 'Sorry, we have failed to enable two-factor authentication.'));

                    return empty($back) ? $this->goHome() : $this->deferredRedirect($back);
                }
            } else {
                $model->addError('code', Yii::t('mfa', 'Wrong verification code. Please verify your secret and try again.'));
            }
        }

        $qrcode = $this->module->getTotp()->getQRCodeImageAsDataUri($user->username, $secret);

        return $this->render('enable', compact('model', 'secret', 'qrcode'));
    }

    public function actionDisable($back = null)
    {
        $user = Yii::$app->user->identity;
        $model = new InputForm();
        $secret = $user->totp_secret;

        if ($model->load(Yii::$app->request->post()) && $model->validate()) {
            if ($this->module->getTotp()->verifyCode($secret, $model->code)) {
                $this->module->getTotp()->removeSecret();
                $user->totp_secret = '';
                if ($user->save()) {
                    Yii::$app->session->setFlash('success', Yii::t('mfa', 'Two-factor authentication successfully disabled.'));
                }

                return empty($back) ? $this->goBack() : $this->deferredRedirect($back);
            } else {
                $model->addError('code', Yii::t('mfa', 'Wrong verification code. Please verify your secret and try again.'));
            }
        }
        return $this->render('disable', compact('model'));
    }

    public function deferredRedirect($url = null)
    {
        return $this->render('redirect', compact('url'));
    }

    public function actionToggle($back = null)
    {
        $user = Yii::$app->user->identity;

        return empty($user->totp_secret) ? $this->actionEnable($back) : $this->actionDisable($back);
    }

    public function actionCheck()
    {
        $user = $this->module->getHalfUser();
        $model = new InputForm();
        $secret = $user->totp_secret;

        if ($model->load(Yii::$app->request->post()) && $model->validate()) {
            if ($this->module->getTotp()->verifyCode($secret, $model->code)) {
                $this->module->getTotp()->setIsVerified(true);
                Yii::$app->user->login($user);

                return $this->goBack();
            } else {
                $model->addError('code', Yii::t('mfa', 'Wrong verification code. Please verify your secret and try again.'));
            }
        }

        return $this->render('check', [
            'model' => $model,
            'issuer' => $this->module->getTotp()->issuer,
            'username' => $user->username,
        ]);
    }

    /**
     * @inheritDoc
     */
    public function goBack($defaultUrl = null)
    {
        $redirectUrl = Yii::$app->params['totpRedirectBackAction.url'];
        if (!empty($redirectUrl)) {
            return $this->redirect($redirectUrl);
        }

        return parent::goBack($defaultUrl);
    }
}


1		<?php
2		/**
3		* Multi-factor authentication for Yii2 projects
4		*
5		* @link https://github.com/hiqdev/yii2-mfa
6		* @package yii2-mfa
7		* @license BSD-3-Clause
8		* @copyright Copyright (c) 2016-2018, HiQDev (http://hiqdev.com/)
9		*/
10
11		namespace hiqdev\yii2\mfa\controllers;
12
13		use hiqdev\yii2\mfa\forms\InputForm;
14		use Yii;
15		use yii\filters\AccessControl;
16
17		/**
18		* TOTP controller.
19		* Time-based One Time Password.
20		*/
21		class TotpController extends \yii\web\Controller
22		{
23		public function behaviors()
24		{
25		return array_merge(parent::behaviors(), [
26		'access' => [
27		'class' => AccessControl::class,
28		'denyCallback' => [$this, 'denyCallback'],
29		'rules' => [
30		// ? - guest
31		[
32		'actions' => ['check'],
33		'roles' => ['?'],
34		'allow' => true,
35		],
36		// @ - authenticated
37		[
38		'actions' => ['enable', 'disable', 'toggle'],
39		'roles' => ['@'],
40		'allow' => true,
41		],
42		],
43		],
44		]);
45		}
46
47		public function denyCallback()
48		{
49		return $this->goHome();
50		}
51
52		public function actionEnable($back = null)
53		{
54		$user = Yii::$app->user->identity;
55	View Code Duplication	if ($user->totp_secret) {
		0 ignored issues – show Duplication introduced 2017-01-06 16:34 UTC by Report Bug Copy Issue Report This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
56		Yii::$app->session->setFlash('error', Yii::t('mfa', 'Two-factor authentication is already enabled. Disable first.'));
57
58		return empty($back) ? $this->goHome() : $this->deferredRedirect($back);
59		}
60
61		$model = new InputForm();
62		$secret = $this->module->getTotp()->getSecret();
63
64		if ($model->load(Yii::$app->request->post()) && $model->validate()) {
65		if ($this->module->getTotp()->verifyCode($secret, $model->code)) {
66		$user->totp_secret = $secret;
67		$this->module->getTotp()->setIsVerified(true);
68		if ($user->save() && Yii::$app->user->login($user)) {
69		Yii::$app->session->setFlash('success', Yii::t('mfa', 'Two-factor authentication successfully enabled.'));
70
71		return empty($back) ? $this->goBack() : $this->deferredRedirect($back);
72	View Code Duplication	} else {
		0 ignored issues – show Duplication introduced 2017-01-06 16:34 UTC by Report Bug Copy Issue Report This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
73		Yii::$app->session->setFlash('error', Yii::t('mfa', 'Sorry, we have failed to enable two-factor authentication.'));
74
75		return empty($back) ? $this->goHome() : $this->deferredRedirect($back);
76		}
77		} else {
78		$model->addError('code', Yii::t('mfa', 'Wrong verification code. Please verify your secret and try again.'));
79		}
80		}
81
82		$qrcode = $this->module->getTotp()->getQRCodeImageAsDataUri($user->username, $secret);
83
84		return $this->render('enable', compact('model', 'secret', 'qrcode'));
85		}
86
87		public function actionDisable($back = null)
88		{
89		$user = Yii::$app->user->identity;
90		$model = new InputForm();
91		$secret = $user->totp_secret;
92
93		if ($model->load(Yii::$app->request->post()) && $model->validate()) {
94		if ($this->module->getTotp()->verifyCode($secret, $model->code)) {
95		$this->module->getTotp()->removeSecret();
96		$user->totp_secret = '';
97		if ($user->save()) {
98		Yii::$app->session->setFlash('success', Yii::t('mfa', 'Two-factor authentication successfully disabled.'));
99		}
100
101		return empty($back) ? $this->goBack() : $this->deferredRedirect($back);
102		} else {
103		$model->addError('code', Yii::t('mfa', 'Wrong verification code. Please verify your secret and try again.'));
104		}
105		}
106		return $this->render('disable', compact('model'));
107		}
108
109		public function deferredRedirect($url = null)
110		{
111		return $this->render('redirect', compact('url'));
112		}
113
114		public function actionToggle($back = null)
115		{
116		$user = Yii::$app->user->identity;
117
118		return empty($user->totp_secret) ? $this->actionEnable($back) : $this->actionDisable($back);
119		}
120
121		public function actionCheck()
122		{
123		$user = $this->module->getHalfUser();
124		$model = new InputForm();
125		$secret = $user->totp_secret;
126
127		if ($model->load(Yii::$app->request->post()) && $model->validate()) {
128		if ($this->module->getTotp()->verifyCode($secret, $model->code)) {
129		$this->module->getTotp()->setIsVerified(true);
130		Yii::$app->user->login($user);
131
132		return $this->goBack();
133		} else {
134		$model->addError('code', Yii::t('mfa', 'Wrong verification code. Please verify your secret and try again.'));
135		}
136		}
137
138		return $this->render('check', [
139		'model' => $model,
140		'issuer' => $this->module->getTotp()->issuer,
141		'username' => $user->username,
142		]);
143		}
144
145		/**
146		* @inheritDoc
147		*/
148		public function goBack($defaultUrl = null)
149		{
150		$redirectUrl = Yii::$app->params['totpRedirectBackAction.url'];
151		if (!empty($redirectUrl)) {
152		return $this->redirect($redirectUrl);
153		}
154
155		return parent::goBack($defaultUrl);
156		}
157		}
158

hiqdev / yii2-mfa

Push — master ( 92c5a8...82641d )

TotpController::goBack() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like