REL1_34/php/TOTPDisableForm_8php_source.html

<?php


namespace MediaWiki\Extension\OATHAuth\HTMLForm;


use MediaWiki\Extension\OATHAuth\Module\TOTP;

use MediaWiki\Logger\LoggerFactory;

use Message;

use MWException;


class TOTPDisableForm extends OATHAuthOOUIHTMLForm implements IManageForm {


    public function onSuccess() {

        $this->getOutput()->addWikiMsg( 'oathauth-disabledoath' );

    }


    protected function getDescriptors() {

        return [

            'token' => [

                'type' => 'text',

                'label-message' => 'oathauth-entertoken',

                'name' => 'token',

                'required' => true,

                'autofocus' => true,

                'dir' => 'ltr',

                'autocomplete' => false,

                'spellcheck' => false,

            ]

        ];

    }


    public function onSubmit( array $formData ) {

        // Don't increase pingLimiter, just check for limit exceeded.

        if ( $this->oathUser->getUser()->pingLimiter( 'badoath', 0 ) ) {

            // Arbitrary duration given here

            LoggerFactory::getInstance( 'authentication' )->info(

                'OATHAuth {user} rate limited while disabling 2FA from {clientip}', [

                    'user' => $this->getUser()->getName(),

                    'clientip' => $this->getRequest()->getIP(),

                ]

            );

            return [ 'oathauth-throttled', Message::durationParam( 60 ) ];

        }


        $module = $this->oathUser->getModule();

        if ( $module instanceof TOTP ) {

            if ( !$module->verify( $this->oathUser, [ 'token' => $formData['token'] ] ) ) {

                LoggerFactory::getInstance( 'authentication' )->info(

                    'OATHAuth {user} failed to provide a correct token while disabling 2FA from {clientip}', [

                        'user' => $this->getUser()->getName(),

                        'clientip' => $this->getRequest()->getIP(),

                    ]

                );

                return [ 'oathauth-failedtovalidateoath' ];

            }

        }


        $this->oathUser->setKeys();

        $this->oathRepo->remove( $this->oathUser, $this->getRequest()->getIP() );


        return true;

    }


}


ContextSource\getUser
getUser()
Definition ContextSource.php:120

ContextSource\getRequest
getRequest()
Definition ContextSource.php:71

ContextSource\getOutput
getOutput()
Definition ContextSource.php:112

MWException
MediaWiki exception.
Definition MWException.php:26

MediaWiki\Extension\OATHAuth\HTMLForm\OATHAuthOOUIHTMLForm
Definition OATHAuthOOUIHTMLForm.php:17

MediaWiki\Extension\OATHAuth\HTMLForm\OATHAuthOOUIHTMLForm\$module
IModule $module
Definition OATHAuthOOUIHTMLForm.php:29

MediaWiki\Extension\OATHAuth\HTMLForm\TOTPDisableForm
Definition TOTPDisableForm.php:10

MediaWiki\Extension\OATHAuth\HTMLForm\TOTPDisableForm\getDescriptors
getDescriptors()
Definition TOTPDisableForm.php:18

MediaWiki\Extension\OATHAuth\HTMLForm\TOTPDisableForm\onSubmit
onSubmit(array $formData)
Definition TOTPDisableForm.php:38

MediaWiki\Extension\OATHAuth\HTMLForm\TOTPDisableForm\onSuccess
onSuccess()
Add content to output when operation was successful.
Definition TOTPDisableForm.php:14

MediaWiki\Extension\OATHAuth\Module\TOTP
Definition TOTP.php:18

MediaWiki\Logger\LoggerFactory
PSR-3 logger instance factory.
Definition LoggerFactory.php:45

Message
The Message class provides methods which fulfil two basic services:
Definition Message.php:162

Message\durationParam
static durationParam( $duration)
Definition Message.php:1049

MediaWiki\Extension\OATHAuth\HTMLForm\IManageForm
Definition IManageForm.php:10

MediaWiki\Extension\OATHAuth\IModule\verify
verify(OATHUser $user, array $data)
Run the validation.

MediaWiki\Extension\OATHAuth\HTMLForm
Definition IManageForm.php:3