secret = $secret;
}
public function init()
{
if (isset($_POST["auth"])) {
$_SESSION["otp"] = (string)$_POST["auth"]["otp"];
}
return null;
}
public function getLoginFormRow($fieldName, $label, $field)
{
if ($fieldName != "password") return null;
return "| $label | $field |
|---|
\n" .
"| OTP | " .
" | " .
"
|---|
\n";
}
public function authenticate($username, $password)
{
if (!isset($_SESSION["otp"])) return null;
if ($_SESSION["otp"] == "") {
return lang('Enter OTP code.');
}
$timeSlot = floor(time() / 30);
foreach ([0, -1, 1] as $skew) {
if ($_SESSION["otp"] == $this->getOtp($timeSlot + $skew)) {
restart_session();
unset($_SESSION["otp"]);
stop_session();
return null;
}
}
return lang('Invalid OTP code.');
}
private function getOtp($timeSlot)
{
$data = str_pad(pack("N", $timeSlot), 8, "\0", STR_PAD_LEFT);
$hash = Hash::hmacSha1($data, $this->secret);
$offset = ord(substr($hash, -1)) & 0xF;
$unpacked = unpack("N", substr($hash, $offset, 4));
return ($unpacked[1] & 0x7FFFFFFF) % 1e6;
}
}