Compare commits
No commits in common. "b239b736899893c6c28a508870d32402a744daad" and "dbd0ab5f0e84dd829c43093665ebb0d55e639093" have entirely different histories.
b239b73689
...
dbd0ab5f0e
|
|
@ -1,9 +1,5 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
// Already required in index.php, but we require it here,
|
|
||||||
// because this class could be used standalone
|
|
||||||
require_once __DIR__ . '/../helpers/logger_loader.php';
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Class TwoFactorAuthentication
|
* Class TwoFactorAuthentication
|
||||||
*
|
*
|
||||||
|
|
@ -102,10 +98,7 @@ class TwoFactorAuthentication {
|
||||||
if ($code !== null) {
|
if ($code !== null) {
|
||||||
// Verify the setup code
|
// Verify the setup code
|
||||||
if (!$this->verify($userId, $code)) {
|
if (!$this->verify($userId, $code)) {
|
||||||
app_log('warning', '2FA setup code verification failed', [
|
error_log("Code verification failed");
|
||||||
'scope' => 'security',
|
|
||||||
'user_id' => $userId,
|
|
||||||
]);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -124,10 +117,7 @@ class TwoFactorAuthentication {
|
||||||
if ($this->db->inTransaction()) {
|
if ($this->db->inTransaction()) {
|
||||||
$this->db->rollBack();
|
$this->db->rollBack();
|
||||||
}
|
}
|
||||||
app_log('error', '2FA enable error: ' . $e->getMessage(), [
|
error_log('2FA enable error: ' . $e->getMessage());
|
||||||
'scope' => 'security',
|
|
||||||
'user_id' => $userId,
|
|
||||||
]);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -167,10 +157,7 @@ class TwoFactorAuthentication {
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
} catch (Exception $e) {
|
} catch (Exception $e) {
|
||||||
app_log('error', '2FA verification error: ' . $e->getMessage(), [
|
error_log('2FA verification error: ' . $e->getMessage());
|
||||||
'scope' => 'security',
|
|
||||||
'user_id' => $userId,
|
|
||||||
]);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -364,10 +351,7 @@ class TwoFactorAuthentication {
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
} catch (Exception $e) {
|
} catch (Exception $e) {
|
||||||
app_log('error', 'Backup code verification error: ' . $e->getMessage(), [
|
error_log('Backup code verification error: ' . $e->getMessage());
|
||||||
'scope' => 'security',
|
|
||||||
'user_id' => $userId,
|
|
||||||
]);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -394,10 +378,7 @@ class TwoFactorAuthentication {
|
||||||
return $stmt->execute([$userId]);
|
return $stmt->execute([$userId]);
|
||||||
|
|
||||||
} catch (Exception $e) {
|
} catch (Exception $e) {
|
||||||
app_log('error', '2FA disable error: ' . $e->getMessage(), [
|
error_log('2FA disable error: ' . $e->getMessage());
|
||||||
'scope' => 'security',
|
|
||||||
'user_id' => $userId,
|
|
||||||
]);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -416,10 +397,7 @@ class TwoFactorAuthentication {
|
||||||
return $result && $result['enabled'];
|
return $result && $result['enabled'];
|
||||||
|
|
||||||
} catch (Exception $e) {
|
} catch (Exception $e) {
|
||||||
app_log('error', '2FA status check error: ' . $e->getMessage(), [
|
error_log('2FA status check error: ' . $e->getMessage());
|
||||||
'scope' => 'security',
|
|
||||||
'user_id' => $userId,
|
|
||||||
]);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -435,10 +413,7 @@ class TwoFactorAuthentication {
|
||||||
return $stmt->fetch(PDO::FETCH_ASSOC);
|
return $stmt->fetch(PDO::FETCH_ASSOC);
|
||||||
|
|
||||||
} catch (Exception $e) {
|
} catch (Exception $e) {
|
||||||
app_log('error', 'Failed to get user 2FA settings: ' . $e->getMessage(), [
|
error_log('Failed to get user 2FA settings: ' . $e->getMessage());
|
||||||
'scope' => 'security',
|
|
||||||
'user_id' => $userId,
|
|
||||||
]);
|
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -13,25 +13,3 @@ function getLoggerInstance($database) {
|
||||||
require_once __DIR__ . '/../core/NullLogger.php';
|
require_once __DIR__ . '/../core/NullLogger.php';
|
||||||
return new \App\Core\NullLogger();
|
return new \App\Core\NullLogger();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!function_exists('app_log')) {
|
|
||||||
/**
|
|
||||||
* Lightweight logging helper that prefers the plugin logger but falls back to NullLogger.
|
|
||||||
*/
|
|
||||||
function app_log(string $level, string $message, array $context = []): void {
|
|
||||||
global $logObject;
|
|
||||||
|
|
||||||
if (isset($logObject) && is_object($logObject) && method_exists($logObject, 'log')) {
|
|
||||||
$logObject->log($level, $message, $context);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
static $fallbackLogger = null;
|
|
||||||
if ($fallbackLogger === null) {
|
|
||||||
require_once __DIR__ . '/../core/NullLogger.php';
|
|
||||||
$fallbackLogger = new \App\Core\NullLogger();
|
|
||||||
}
|
|
||||||
|
|
||||||
$fallbackLogger->log($level, $message, $context);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
|
||||||
|
|
@ -122,10 +122,18 @@ $pipeline->add(function() {
|
||||||
return true;
|
return true;
|
||||||
});
|
});
|
||||||
|
|
||||||
// Always detect authenticated session so templates shared
|
// For public pages, we don't need to validate the session
|
||||||
// between public and private pages behave consistently.
|
// The Router will handle authentication for protected pages
|
||||||
$validSession = Session::isValidSession(true);
|
$validSession = false;
|
||||||
$userId = $validSession ? Session::getUserId() : null;
|
$userId = null;
|
||||||
|
|
||||||
|
// Only check session for non-public pages
|
||||||
|
if (!in_array($page, $public_pages)) {
|
||||||
|
$validSession = Session::isValidSession(true);
|
||||||
|
if ($validSession) {
|
||||||
|
$userId = Session::getUserId();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// Initialize feedback message system
|
// Initialize feedback message system
|
||||||
require_once '../app/classes/feedback.php';
|
require_once '../app/classes/feedback.php';
|
||||||
|
|
@ -154,9 +162,6 @@ $allowed_urls = filter_allowed_urls($allowed_urls);
|
||||||
require_once __DIR__ . '/../app/core/Router.php';
|
require_once __DIR__ . '/../app/core/Router.php';
|
||||||
use App\Core\Router;
|
use App\Core\Router;
|
||||||
$currentUser = Router::checkAuth($config, $app_root, $public_pages, $page);
|
$currentUser = Router::checkAuth($config, $app_root, $public_pages, $page);
|
||||||
if ($currentUser === null && $validSession) {
|
|
||||||
$currentUser = Session::getUsername();
|
|
||||||
}
|
|
||||||
|
|
||||||
// Connect to DB via DatabaseConnector
|
// Connect to DB via DatabaseConnector
|
||||||
require_once __DIR__ . '/../app/core/DatabaseConnector.php';
|
require_once __DIR__ . '/../app/core/DatabaseConnector.php';
|
||||||
|
|
@ -171,8 +176,6 @@ use App\Core\LogThrottler;
|
||||||
require_once __DIR__ . '/../app/core/NullLogger.php';
|
require_once __DIR__ . '/../app/core/NullLogger.php';
|
||||||
use App\Core\NullLogger;
|
use App\Core\NullLogger;
|
||||||
$logObject = new NullLogger();
|
$logObject = new NullLogger();
|
||||||
|
|
||||||
require_once __DIR__ . '/../app/helpers/logger_loader.php';
|
|
||||||
// Get the user IP
|
// Get the user IP
|
||||||
require_once __DIR__ . '/../app/helpers/ip_helper.php';
|
require_once __DIR__ . '/../app/helpers/ip_helper.php';
|
||||||
$user_IP = '';
|
$user_IP = '';
|
||||||
|
|
@ -217,9 +220,7 @@ try {
|
||||||
}
|
}
|
||||||
} catch (\Throwable $e) {
|
} catch (\Throwable $e) {
|
||||||
// Do not break the app; log only
|
// Do not break the app; log only
|
||||||
app_log('error', 'Migration check failed: ' . $e->getMessage(), [
|
error_log('Migration check failed: ' . $e->getMessage());
|
||||||
'scope' => 'system',
|
|
||||||
]);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// CSRF middleware and run pipeline
|
// CSRF middleware and run pipeline
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue