Skip to content

Instantly share code, notes, and snippets.

@sminnee
Last active May 1, 2017 07:20
Show Gist options
  • Save sminnee/bc646147f3941a764d0410f2044433c7 to your computer and use it in GitHub Desktop.
Save sminnee/bc646147f3941a764d0410f2044433c7 to your computer and use it in GitHub Desktop.
The world's most useless 2FA
diff --git a/mysite/code/CustomAuthenticator.php b/mysite/code/CustomAuthenticator.php
new file mode 100644
index 0000000..141a9f1
--- /dev/null
+++ b/mysite/code/CustomAuthenticator.php
@@ -0,0 +1,14 @@
+<?php
+
+use SilverStripe\Security\MemberAuthenticator\Authenticator;
+
+class CustomAuthenticator extends Authenticator
+{
+ /**
+ * @inherit
+ */
+ public function getLoginHandler($link)
+ {
+ return CustomLoginHandler::create($link, $this);
+ }
+}
diff --git a/mysite/code/CustomLoginHandler.php b/mysite/code/CustomLoginHandler.php
new file mode 100644
index 0000000..dbfbca3
--- /dev/null
+++ b/mysite/code/CustomLoginHandler.php
@@ -0,0 +1,76 @@
+<?php
+
+use SilverStripe\Security\MemberAuthenticator\LoginHandler;
+use SilverStripe\Security\Member;
+use SilverStripe\Control\Session;
+use SilverStripe\Forms\Form;
+use SilverStripe\Forms\FormAction;
+use SilverStripe\Forms\FieldList;
+use SilverStripe\Forms\TextField;
+
+use SilverStripe\Dev\Debug;
+
+class CustomLoginHandler extends LoginHandler
+{
+
+ private static $allowed_actions = [
+ 'step2',
+ 'secondStepForm',
+ ];
+
+ public function doLogin($data, $formHandler)
+ {
+ if ($member = $this->checkLogin($data)) {
+ Session::set('CustomLoginHandler.MemberID', $member->ID);
+ Session::set('CustomLoginHandler.Data', $data);
+ return $this->redirect($this->link('step2'));
+ }
+
+ // Fail to login redirects back to form
+ return $this->redirectBack();
+ }
+
+ public function step2()
+ {
+ return [
+ "Form" => $this->secondStepForm()
+ ];
+ }
+
+ public function secondStepForm()
+ {
+ return new Form(
+ $this,
+ "secondStepForm",
+ new FieldList(
+ new TextField('SecondFactor', 'Your 2FA (12345)')
+ ),
+ new FieldList(
+ new FormAction('completeSecondStep', 'Login in')
+ )
+ );
+ }
+
+ public function completeSecondStep($data)
+ {
+ if ($this->checkSecondFactor($data)) {
+ $memberID = Session::get('CustomLoginHandler.MemberID');
+ $member = Member::get()->byID($memberID);
+ $data = Session::get('CustomLoginHandler.Data');
+ if (!$member) {
+ return $this->redirectBack();
+ }
+ $this->performLogin($member, $data);
+ return $this->redirectAfterSuccessfulLogin();
+ }
+
+
+ // Fail to login redirects back to form
+ return $this->redirectBack();
+ }
+
+ protected function checkSecondFactor($data)
+ {
+ return $data['SecondFactor'] === '12345';
+ }
+}
@Firesphere
Copy link

It's actually quite useful as an example multi-step login for the documentation, so it's not entirely useless ;)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment