From a4b03295ad7eb6763b282afb48d29be4e017c1f6 Mon Sep 17 00:00:00 2001
From: Floorb <132411956+Neetpone@users.noreply.github.com>
Date: Fri, 16 Jul 2021 10:32:25 -0400
Subject: [PATCH] Begin work on recovery code system
---
 login.php | 96 +++++++++++++++++++++++++------------------
 theme/bulma/login.php | 31 +++++++++++---
 2 files changed, 82 insertions(+), 45 deletions(-)
diff --git a/login.php b/login.php
index 395b678..429572c 100644
--- a/login.php
+++ b/login.php
@@ -34,52 +34,66 @@ $p_title = $lang['login/register']; // "Login/Register";
 updatePageViews($conn);
-if ($_SERVER['REQUEST_METHOD'] === 'POST') {
- // Check if logged in
- if (isset($_SESSION['token'])) {
- header("Location: ./");
- exit;
+if (isset($_POST['forgot'])) {
+ if (!empty($_POST['username']) && !empty($_POST['recovery_code'])) {
+ $username = trim($_POST['username']);
+ $recovery_code = trim($_POST['recovery_code']);
+
+ $query = $conn->prepare("SELECT id, recovery_code_hash FROM users WHERE username = ?");
+ $query->execute([$username]);
+ $row = $query->fetch();
+ if ($row && password_verify($_POST['recovery_code'], $row['recovery_code_hash'])) {
+ $new_password = md5(random_bytes(64));
+ $new_password_hash = password_hash($new_password, PASSWORD_DEFAULT);
+
+ $recovery_code = hash('SHA512', random_bytes(64));
+ $new_recovery_code_hash = password_hash($recovery_code, PASSWORD_BCRYPT);
+
+ $conn->prepare('UPDATE users SET password = ?, recovery_code_hash = ? WHERE id = ?')
+ ->execute([$new_password_hash, $new_recovery_code_hash, $row['id']]);
+
+ $success = 'Your password has been changed. A new recovery code has also been generated. 
Please note the recovery code and then sign in with the new password.';
+ } else {
+ $error = $lang['incorrect'];
+ }
+ } else {
+ $error = $lang['missingfields']; // "All fields must be filled out";
 }
+} else if (isset($_POST['signin'])) { // Login process
+ if (!empty($_POST['username']) && !empty($_POST['password'])) {
+ $username = trim($_POST['username']);
+ $query = $conn->prepare("SELECT id, password, banned, verified FROM users WHERE username = ?");
+ $query->execute([$username]);
+ $row = $query->fetch();
+ if ($row && password_verify($_POST['password'], $row['password'])) {
+ // Username found
+ $db_oauth_uid = $row['oauth_uid'];
+ $db_ip = $row['ip'];
+ $db_id = $row['id'];
- // Login process
- if (isset($_POST['signin'])) {
- if (!empty($_POST['username']) && !empty($_POST['password'])) {
- $username = trim($_POST['username']);
- $query = $conn->prepare("SELECT id, password, banned, verified FROM users WHERE username = ?");
- $query->execute([$username]);
- $row = $query->fetch();
- if ($row && password_verify($_POST['password'], $row['password'])) {
- // Username found
- $db_oauth_uid = $row['oauth_uid'];
- $db_ip = $row['ip'];
- $db_id = $row['id'];
+ if ($row['banned']) {
+ // User is banned
+ $error = $lang['banned'];
+ } if ($row['verified']) {
+ // Login successful
+ $_SESSION['token'] = md5($db_id . $username);
+ $_SESSION['oauth_uid'] = $db_oauth_uid;
+ $_SESSION['username'] = $username;
- if ($row['banned']) {
- // User is banned
- $error = $lang['banned'];
- } if ($row['verified']) {
- // Login successful
- $_SESSION['token'] = md5($db_id . $username);
- $_SESSION['oauth_uid'] = $db_oauth_uid;
- $_SESSION['username'] = $username;
-
- header('Location: ' . $_SERVER['HTTP_REFERER']);
- exit();
- } else {
- // Account not verified
- $error = $lang['notverified'];
- }
+ header('Location: ' . $_SERVER['HTTP_REFERER']);
+ exit();
 } else {
- // Username not found or password incorrect. 
- $error = $lang['incorrect'];
+ // Account not verified
+ $error = $lang['notverified'];
 }
 } else {
- $error = $lang['missingfields']; // "All fields must be filled out.";
+ // Username not found or password incorrect.
+ $error = $lang['incorrect'];
 }
+ } else {
+ $error = $lang['missingfields']; // "All fields must be filled out.";
 }
-}
-// Register process
-if (isset($_POST['signup'])) {
+} else if (isset($_POST['signup'])) { // Registration process
 $username = htmlentities(trim($_POST['username'], ENT_QUOTES));
 $password = password_hash($_POST['password'], PASSWORD_DEFAULT);
 $chara_max = 25; //characters for max input
@@ -97,10 +111,12 @@ if (isset($_POST['signup'])) {
 if ($query->fetch()) {
 $error = $lang['userexists']; // "Username already taken.";
 } else {
+ $recovery_code = hash('SHA512', random_bytes('64'));
+ $recovery_code_hash = password_hash($recovery_code, PASSWORD_BCRYPT);
 $query = $conn->prepare(
- "INSERT INTO users (username, password, picture, date, ip, badge) VALUES (?, ?, 'NONE', ?, ?, '0')"
+ "INSERT INTO users (username, password, recovery_code_hash, picture, date, ip, badge) VALUES (?, ?, ?, 'NONE', ?, ?, '0')"
 );
- $query->execute([$username, $password, $date, $ip]);
+ $query->execute([$username, $password, $recovery_code_hash, $date, $ip]);
 $success = $lang['registered']; // "Your account was successfully registered.";
 }
diff --git a/theme/bulma/login.php b/theme/bulma/login.php
index 3994cd4..80861bb 100644
--- a/theme/bulma/login.php
+++ b/theme/bulma/login.php
@@ -24,6 +24,17 @@ // Logged in
 if (isset($success)) {
 echo '
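Review bot: A banned account can still sign in: in the signin branch `if ($row['banned'])` only sets `$error`, and the separate `if ($row['verified'])` that follows still creates the session and redirects, so the ban is never enforced; replacing `} if ($row['verified']) {` with `} elseif ($row['verified']) {` closes that. In the forgot branch `$recovery_code = trim($_POST['recovery_code'])` is computed but `password_verify()` receives the untrimmed `$_POST['recovery_code']`, so either pass `$recovery_code` to the verify call or drop the trim. Both this branch and the signup hunk below hash the code with `password_hash(..., PASSWORD_BCRYPT)`, which truncates its input to 72 bytes, so only the first 72 of the 128 hex characters from `hash('SHA512', ...)` are ever checked; a comment noting this, or a shorter code such as `bin2hex(random_bytes(32))`, would keep the stored hash and the code the user is told to save in step. The moved login block also reads `$row['oauth_uid']` and `$row['ip']`, which the `SELECT id, password, banned, verified` in this hunk does not fetch, so those resolve to null with an undefined-index notice. The signup branch that the hunk's last context lines belong to continues past the hunk.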
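Review bot: `random_bytes('64')` passes the byte count as a string; it works only through implicit int coercion, would throw a TypeError if the file ever enables `declare(strict_types=1)`, and disagrees with the `random_bytes(64)` used in the forgot branch above, so it should read `$recovery_code = hash('SHA512', random_bytes(64));`. The plaintext `$recovery_code` is deliberately left in scope so the template can show it once, which deserves a short comment on that line, e.g. `// shown to the user once by the theme; only the bcrypt hash is stored`. The `} else {` that opens this hunk belongs to a username-exists check whose head lies outside the hunk.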
' . $success . '
';
+ if (isset($new_password)) {
+ echo 'Your new password is as follows:
';
+ echo "${new_password}
";
+ }
+
+ if (isset($recovery_code)) {
+ echo 'If you wish to recover your account later, you will need the following code. Store it in a safe place!
';
+ echo "${recovery_code}
";
+ echo 'If you do not save this code and you forget your password, there is no way to get your account back!
'; + } } // Errors elseif (isset($error)) { echo '' . $error . '
';
@@ -209,19 +220,29 @@You did save your recovery code, right?
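Review bot: `echo "${new_password}` and `echo "${recovery_code}` emit the two secrets through the `${var}` interpolation form, which PHP 8.2 deprecates, and without output escaping; although the controller currently produces hex digests, the template should not depend on that, so write each value out as `echo htmlspecialchars($new_password, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');` (and likewise for `$recovery_code`) inside whatever markup surrounds it. Because this response body carries a freshly generated password and recovery code, it is also worth confirming that the page is sent with `Cache-Control: no-store` so neither value is retained by a browser or intermediary cache; the response headers are not visible in this diff. The `if (isset($success))` block this hunk edits is complete within the hunk, but the surrounding template continues past it.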