mirror of
https://github.com/OpenXE-org/OpenXE.git
synced 2024-12-24 13:40:29 +01:00
Merge branch 'master' into mirakl
This commit is contained in:
commit
4351fd7b9d
@ -270,7 +270,7 @@ class TOTPLoginService
|
||||
$secret = $this->getTOTPSecret($userId);
|
||||
}
|
||||
|
||||
$query = "otpauth://totp/{$label}?secret=" . $secret . '&issuer=Xentral&algorithm=SHA1&digits=6&period=30';
|
||||
$query = "otpauth://totp/{$label}?secret=" . $secret . '&issuer=OpenXE&algorithm=SHA1&digits=6&period=30';
|
||||
|
||||
return $this->barcodeService->createQrCode($query);
|
||||
}
|
||||
|
@ -148,8 +148,7 @@ $tables = [
|
||||
'templatemessage',
|
||||
'shopimport_auftraege',
|
||||
'versandzentrum_log',
|
||||
'api_request_response_log',
|
||||
'shopimport_amazon_fees',
|
||||
'api_request_response_log'
|
||||
];
|
||||
$minMemoryMb = 1;
|
||||
$minMemory = $minMemoryMb * 1024 * 1024;
|
||||
@ -623,34 +622,11 @@ if($shopExportLogCleanerActive && $tage > 0) {
|
||||
|
||||
$shopExportLogCleanerActive = $app->erp->Firmendaten('cleaner_shopexportlog');
|
||||
$tage = (int)$app->erp->Firmendaten('cleaner_shopexportlog_tage');
|
||||
$isToDelete = !empty($tableSchemaByTables['shopimport_amazon_fees'])
|
||||
&& !empty($tableSchemaByTables['shopimport_amazon_fees']['todelete']);
|
||||
if((!$shopExportLogCleanerActive || $tage <= 0 || $tage > 30) && $isToDelete) {
|
||||
$shopExportLogCleanerActive = true;
|
||||
if($tage <= 0 || $tage > 30) {
|
||||
$tage = 30;
|
||||
}
|
||||
}
|
||||
|
||||
if($shopExportLogCleanerActive && $tage > 0) {
|
||||
if($tage < 30) {
|
||||
$tage = 30;
|
||||
}
|
||||
$app->DB->Delete(
|
||||
sprintf(
|
||||
"DELETE FROM `shopimport_amazon_fees`
|
||||
WHERE DATE_SUB(NOW(), INTERVAL %d DAY) >= `zeitstempel` OR `zeitstempel` = '0000-00-00 00:00:00'",
|
||||
$tage
|
||||
)
|
||||
);
|
||||
$affectedRows = $app->DB->affected_rows();
|
||||
if(!empty($tableSchemaByTables['shopimport_amazon_fees'])
|
||||
&& ($tableSchemaByTables['shopimport_amazon_fees']['todelete'] > 0)) {
|
||||
$tableSchemaByTables['shopimport_amazon_fees']['todelete'] -= $affectedRows;
|
||||
}
|
||||
if($affectedRows > 0 && !empty($optimize['shopimport_amazon_fees'])) {
|
||||
$app->DB->Query('OPTIMIZE TABLE `shopimport_amazon_fees`');
|
||||
unset($optimize['shopimport_amazon_fees']);
|
||||
}
|
||||
$app->DB->Update(
|
||||
"UPDATE prozessstarter SET letzteausfuerhung=NOW(),mutex=1,mutexcounter=0 WHERE parameter = 'cleaner' AND aktiv = 1"
|
||||
);
|
||||
|
@ -17873,6 +17873,23 @@ INSERT INTO `hook_register` (`hook_action`, `function`, `aktiv`, `position`, `ho
|
||||
;
|
||||
/* OpenXE 2024-02-03 für belegvorlagen */
|
||||
|
||||
/* OpenXE 2024-08-11 für TOTP */
|
||||
INSERT INTO `hook`(`name`, `aktiv`, `parametercount`, `alias`, `description`) VALUES
|
||||
('login_password_check_otp', 1, 3, '', '');
|
||||
|
||||
INSERT INTO `hook_register`(
|
||||
`hook_action`, `function`, `aktiv`, `position`, `hook`, `module`, `module_parameter`) VALUES
|
||||
( 0, 'TOTPCheckLogin', 1, 1, (SELECT id FROM hook WHERE NAME = 'login_password_check_otp' LIMIT 1), 'totp', 0);
|
||||
/* OpenXE 2024-08-11 für TOTP */
|
||||
|
||||
/* OpenXE 2024-08-11 für Smarty shopimport */
|
||||
INSERT INTO `hook` (`name`, `aktiv`, `parametercount`, `alias`, `description`) VALUES
|
||||
('ImportAuftragBefore', 1, 4, '', '');
|
||||
|
||||
INSERT INTO `hook_register` (`hook_action`, `function`, `aktiv`, `position`, `hook`, `module`, `module_parameter`) VALUES
|
||||
(0, 'ImportAuftragBeforeHook', 1, 1, (SELECT id FROM hook WHERE name = 'ImportAuftragBefore' LIMIT 1), 'onlineshops', 0);
|
||||
/* OpenXE 2024-08-11 für Smarty shopimport */
|
||||
|
||||
/*
|
||||
BelegPositionenButtons
|
||||
|
||||
|
@ -616,7 +616,7 @@ class TemplateParser {
|
||||
}
|
||||
}
|
||||
|
||||
if(count($this->VARARRAY)>0)
|
||||
if(!empty($this->VARARRAY))
|
||||
foreach($this->VARARRAY as $key=>$value)
|
||||
{
|
||||
if($key!="")
|
||||
|
@ -36,7 +36,7 @@ class PLACEHOLDER_MODULECLASSNAME {
|
||||
// columns that are aligned right (numbers etc)
|
||||
// $alignright = array(4,5,6,7,8);
|
||||
|
||||
$findcols = array('PLACEHOLDER_ID_COLUMN','PLACEHOLDER_ID_COLUMN',PLACEHOLDER_SQL_COLUMNS);
|
||||
$findcols = array('PLACEHOLDER_ID_COLUMN','PLACEHOLDER_ID_COLUMN',PLACEHOLDER_SQL_COLUMNS); // use 'null' for non-searchable columns
|
||||
$searchsql = array(PLACEHOLDER_SQL_COLUMNS);
|
||||
|
||||
$defaultorder = 1;
|
||||
@ -60,6 +60,8 @@ class PLACEHOLDER_MODULECLASSNAME {
|
||||
$count = "SELECT count(DISTINCT id) FROM PLACEHOLDER_MODULENAME WHERE $where";
|
||||
// $groupby = "";
|
||||
|
||||
// echo($sql." WHERE ".$where." ".$groupby);
|
||||
|
||||
break;
|
||||
}
|
||||
|
||||
|
@ -62,7 +62,7 @@
|
||||
{|Rechnungsdatum|}:
|
||||
</td>
|
||||
<td>
|
||||
<input type="text" name="rechnungsdatum" id="rechnungsdatum" value="[RECHNUNGSDATUM]" size="20" [SAVEDISABLED]>
|
||||
<input type="text" name="rechnungsdatum" id="rechnungsdatum" value="[RECHNUNGSDATUM]" size="20" [SAVEDISABLED] required>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
@ -103,7 +103,7 @@
|
||||
{|Zahlbar bis|}:
|
||||
</td>
|
||||
<td>
|
||||
<input type="text" name="zahlbarbis" id="zahlbarbis" value="[ZAHLBARBIS]" size="20" [SAVEDISABLED]>
|
||||
<input type="text" name="zahlbarbis" id="zahlbarbis" value="[ZAHLBARBIS]" size="20" [SAVEDISABLED]> <input type="number" name="zahlbarbis_tage" id="zahlbarbis_tage" size="4" [SAVEDISABLED]> Tage
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
@ -119,7 +119,7 @@
|
||||
{|Skonto bis|}:
|
||||
</td>
|
||||
<td>
|
||||
<input type="text" name="skontobis" id="skontobis" value="[SKONTOBIS]" size="20" [SAVEDISABLED]>
|
||||
<input type="text" name="skontobis" id="skontobis" value="[SKONTOBIS]" size="20" [SAVEDISABLED]> <input type="number" name="skontobis_tage" id="skontobis_tage" size="4" [SAVEDISABLED]> Tage
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
|
@ -1,134 +1,133 @@
|
||||
<?php
|
||||
/*
|
||||
**** COPYRIGHT & LICENSE NOTICE *** DO NOT REMOVE ****
|
||||
*
|
||||
* Xentral (c) Xentral ERP Sorftware GmbH, Fuggerstrasse 11, D-86150 Augsburg, * Germany 2019
|
||||
*
|
||||
* This file is licensed under the Embedded Projects General Public License *Version 3.1.
|
||||
*
|
||||
* You should have received a copy of this license from your vendor and/or *along with this file; If not, please visit www.wawision.de/Lizenzhinweis
|
||||
* to obtain the text of the corresponding license version.
|
||||
*
|
||||
**** END OF COPYRIGHT & LICENSE NOTICE *** DO NOT REMOVE ****
|
||||
/*
|
||||
**** COPYRIGHT & LICENSE NOTICE *** DO NOT REMOVE ****
|
||||
*
|
||||
* Xentral (c) Xentral ERP Sorftware GmbH, Fuggerstrasse 11, D-86150 Augsburg, * Germany 2019
|
||||
*
|
||||
* This file is licensed under the Embedded Projects General Public License *Version 3.1.
|
||||
*
|
||||
* You should have received a copy of this license from your vendor and/or *along with this file; If not, please visit www.wawision.de/Lizenzhinweis
|
||||
* to obtain the text of the corresponding license version.
|
||||
*
|
||||
**** END OF COPYRIGHT & LICENSE NOTICE *** DO NOT REMOVE ****
|
||||
*/
|
||||
?>
|
||||
<?php
|
||||
|
||||
use Xentral\Components\Http\JsonResponse;
|
||||
use Xentral\Modules\TOTPLogin\TOTPLoginService;
|
||||
|
||||
class Totp
|
||||
{
|
||||
/** @var Application */
|
||||
private $app;
|
||||
|
||||
/**
|
||||
* Totp constructor.
|
||||
*
|
||||
* @param Application $app
|
||||
* @param bool $intern
|
||||
*/
|
||||
public function __construct($app, $intern = false)
|
||||
{
|
||||
$this->app = $app;
|
||||
|
||||
if($intern) return;
|
||||
|
||||
$app->ActionHandlerInit($this);
|
||||
|
||||
$app->ActionHandler('generate', 'TOTPGenerateSecretJSON');
|
||||
$app->ActionHandler('enable', 'TOTPEnable');
|
||||
$app->ActionHandler('disable', 'TOTPDisable');
|
||||
|
||||
$app->ActionHandlerListen($app);
|
||||
}
|
||||
|
||||
public function Install()
|
||||
{
|
||||
$tableName = 'user_totp';
|
||||
$this->app->erp->CheckTable($tableName);
|
||||
$this->app->erp->CheckColumn('id', 'UNSIGNED INT', $tableName, 'NOT NULL AUTO_INCREMENT');
|
||||
$this->app->erp->CheckColumn('user_id', 'INT', $tableName, 'UNSIGNED NOT NULL');
|
||||
$this->app->erp->CheckColumn('active', 'TINYINT(1)', $tableName, 'UNSIGNED DEFAULT 0');
|
||||
$this->app->erp->CheckColumn('secret', 'VARCHAR(100)', $tableName, 'NOT NULL');
|
||||
$this->app->erp->CheckColumn('created_at', 'TIMESTAMP', $tableName, 'DEFAULT NOW()');
|
||||
$this->app->erp->CheckColumn('modified_at', 'TIMESTAMP', $tableName);
|
||||
$this->app->erp->CheckIndex($tableName, 'user_id', true);
|
||||
|
||||
$this->app->erp->RegisterHook('login_password_check_otp', 'totp', 'TOTPCheckLogin', 1, false, null, 3);
|
||||
}
|
||||
|
||||
function TOTPDisable(){
|
||||
$action = $this->app->Secure->GetPOST('action');
|
||||
|
||||
if($action !== 'disable'){
|
||||
return new JsonResponse(['status' => 'error', 'msg' => 'muss POST sein'], 400);
|
||||
}
|
||||
|
||||
/** @var TOTPLoginService $totpLoginService */
|
||||
$totpLoginService = $this->app->Container->get('TOTPLoginService');
|
||||
|
||||
$userId = $this->app->User->GetID();
|
||||
|
||||
$totpLoginService->disableTotp($userId);
|
||||
|
||||
return new JsonResponse(['status' => 'success']);
|
||||
}
|
||||
|
||||
function TOTPEnable(){
|
||||
$secret = $this->app->Secure->GetPOST('secret');
|
||||
|
||||
if(empty($secret)){
|
||||
return new JsonResponse(['status' => 'error', 'msg' => 'Secret Empty'], 400);
|
||||
}
|
||||
|
||||
/** @var TOTPLoginService $totpLoginService */
|
||||
$totpLoginService = $this->app->Container->get('TOTPLoginService');
|
||||
|
||||
$userId = $this->app->User->GetID();
|
||||
|
||||
$totpLoginService->enableTotp($userId);
|
||||
$totpLoginService->setUserSecret($userId, $secret);
|
||||
|
||||
return new JsonResponse(['status' => 'success']);
|
||||
}
|
||||
|
||||
/**
|
||||
* @param $userID
|
||||
* @param $token
|
||||
* @param $passwordValid
|
||||
*
|
||||
* @throws Exception
|
||||
*/
|
||||
public function TOTPCheckLogin($userID, $token, &$passwordValid)
|
||||
{
|
||||
/** @var TOTPLoginService $totpLoginService */
|
||||
$totpLoginService = $this->app->Container->get('TOTPLoginService');
|
||||
|
||||
if(!$totpLoginService->isTOTPEnabled($userID)){
|
||||
return;
|
||||
}
|
||||
$passwordValid = $totpLoginService->isTokenValid($userID, $token);
|
||||
}
|
||||
|
||||
public function TOTPGenerateSecretJSON(){
|
||||
/** @var TOTPLoginService $totpLoginService */
|
||||
$totpLoginService = $this->app->Container->get('TOTPLoginService');
|
||||
|
||||
/** @var \Xentral\Components\Token\TOTPTokenManager $tokenManager */
|
||||
$tokenManager = $this->app->Container->get('TOTPTokenManager');
|
||||
|
||||
$secret = $tokenManager->generateBase32Secret();
|
||||
|
||||
$label = 'Xentral' . ' | ' . $this->app->erp->GetFirmaName();
|
||||
|
||||
$qr = $totpLoginService->generatePairingQrCode($this->app->User->GetID(), $label, $secret);
|
||||
|
||||
return new JsonResponse(
|
||||
[
|
||||
'secret' => $secret,
|
||||
'qr' => $qr->toHtml(4, 4)
|
||||
]
|
||||
);
|
||||
}
|
||||
}
|
||||
<?php
|
||||
|
||||
use Xentral\Components\Http\JsonResponse;
|
||||
use Xentral\Modules\TOTPLogin\TOTPLoginService;
|
||||
|
||||
class Totp
|
||||
{
|
||||
/** @var Application */
|
||||
private $app;
|
||||
|
||||
/**
|
||||
* Totp constructor.
|
||||
*
|
||||
* @param Application $app
|
||||
* @param bool $intern
|
||||
*/
|
||||
public function __construct($app, $intern = false)
|
||||
{
|
||||
$this->app = $app;
|
||||
|
||||
if($intern) return;
|
||||
|
||||
$app->ActionHandlerInit($this);
|
||||
|
||||
$app->ActionHandler('generate', 'TOTPGenerateSecretJSON');
|
||||
$app->ActionHandler('enable', 'TOTPEnable');
|
||||
$app->ActionHandler('disable', 'TOTPDisable');
|
||||
|
||||
$app->ActionHandlerListen($app);
|
||||
}
|
||||
|
||||
public function Install()
|
||||
{
|
||||
$tableName = 'user_totp';
|
||||
$this->app->erp->CheckTable($tableName);
|
||||
$this->app->erp->CheckColumn('id', 'UNSIGNED INT', $tableName, 'NOT NULL AUTO_INCREMENT');
|
||||
$this->app->erp->CheckColumn('user_id', 'INT', $tableName, 'UNSIGNED NOT NULL');
|
||||
$this->app->erp->CheckColumn('active', 'TINYINT(1)', $tableName, 'UNSIGNED DEFAULT 0');
|
||||
$this->app->erp->CheckColumn('secret', 'VARCHAR(100)', $tableName, 'NOT NULL');
|
||||
$this->app->erp->CheckColumn('created_at', 'TIMESTAMP', $tableName, 'DEFAULT NOW()');
|
||||
$this->app->erp->CheckColumn('modified_at', 'TIMESTAMP', $tableName);
|
||||
$this->app->erp->CheckIndex($tableName, 'user_id', true);
|
||||
|
||||
$this->app->erp->RegisterHook('login_password_check_otp', 'totp', 'TOTPCheckLogin', 1, false, null, 3);
|
||||
}
|
||||
|
||||
function TOTPDisable(){
|
||||
$action = $this->app->Secure->GetPOST('action');
|
||||
|
||||
if($action !== 'disable'){
|
||||
return new JsonResponse(['status' => 'error', 'msg' => 'muss POST sein'], 400);
|
||||
}
|
||||
|
||||
/** @var TOTPLoginService $totpLoginService */
|
||||
$totpLoginService = $this->app->Container->get('TOTPLoginService');
|
||||
|
||||
$userId = $this->app->User->GetID();
|
||||
|
||||
$totpLoginService->disableTotp($userId);
|
||||
|
||||
return new JsonResponse(['status' => 'success']);
|
||||
}
|
||||
|
||||
function TOTPEnable(){
|
||||
$secret = $this->app->Secure->GetPOST('secret');
|
||||
|
||||
if(empty($secret)){
|
||||
return new JsonResponse(['status' => 'error', 'msg' => 'Secret Empty'], 400);
|
||||
}
|
||||
|
||||
/** @var TOTPLoginService $totpLoginService */
|
||||
$totpLoginService = $this->app->Container->get('TOTPLoginService');
|
||||
|
||||
$userId = $this->app->User->GetID();
|
||||
|
||||
$totpLoginService->enableTotp($userId);
|
||||
$totpLoginService->setUserSecret($userId, $secret);
|
||||
|
||||
return new JsonResponse(['status' => 'success']);
|
||||
}
|
||||
|
||||
/**
|
||||
* @param $userID
|
||||
* @param $token
|
||||
* @param $passwordValid
|
||||
*
|
||||
* @throws Exception
|
||||
*/
|
||||
public function TOTPCheckLogin($userID, $token, &$passwordValid)
|
||||
{
|
||||
/** @var TOTPLoginService $totpLoginService */
|
||||
$totpLoginService = $this->app->Container->get('TOTPLoginService');
|
||||
if(!$totpLoginService->isTOTPEnabled($userID)){
|
||||
return;
|
||||
}
|
||||
$passwordValid = $totpLoginService->isTokenValid($userID, $token);
|
||||
}
|
||||
|
||||
public function TOTPGenerateSecretJSON(){
|
||||
/** @var TOTPLoginService $totpLoginService */
|
||||
$totpLoginService = $this->app->Container->get('TOTPLoginService');
|
||||
|
||||
/** @var \Xentral\Components\Token\TOTPTokenManager $tokenManager */
|
||||
$tokenManager = $this->app->Container->get('TOTPTokenManager');
|
||||
|
||||
$secret = $tokenManager->generateBase32Secret();
|
||||
|
||||
$label = 'OpenXE' . ':' . $this->app->User->Getname();
|
||||
|
||||
$qr = $totpLoginService->generatePairingQrCode($this->app->User->GetID(), $label, $secret);
|
||||
|
||||
return new JsonResponse(
|
||||
[
|
||||
'secret' => $secret,
|
||||
'qr' => $qr->toHtml(4, 4)
|
||||
]
|
||||
);
|
||||
}
|
||||
}
|
||||
|
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue
Block a user