From: paulr Date: Tue, 16 Nov 2010 13:45:55 +0000 (+1100) Subject: Added some methods and made a todo file X-Git-Url: http://git.pjr.cc/?a=commitdiff_plain;h=3e8d21f3e93a304c7212e75810f6389cc2cb5bb8;p=ga4php.git Added some methods and made a todo file --- diff --git a/doco/TODO.txt b/doco/TODO.txt new file mode 100644 index 0000000..a0e158c --- /dev/null +++ b/doco/TODO.txt @@ -0,0 +1,8 @@ +The Almighty TODO list: + +1) Error checking, lots of error checking and sanity checking Then i need to setup error codes and stuff. +2) a "hasToken" method for determining if a user has a token or not +3) implement googles key integrity algorithm thing + +Maybe: +Move to exceptions diff --git a/doco/readme.txt b/doco/readme.txt index 8c8c9a8..6e8da30 100644 --- a/doco/readme.txt +++ b/doco/readme.txt @@ -1,3 +1,8 @@ +/* Note: This readme is moderately out of day, go see the GA4PHP +Wiki - http://code.google.com/p/ga4php/w/list But i'll keep the +file around for historical reasons */ + + The GA4PHP Project ================== diff --git a/lib/lib.php b/lib/lib.php index da5eace..218c98f 100644 --- a/lib/lib.php +++ b/lib/lib.php @@ -1,22 +1,5 @@ internalGetData($username); + // TODO: change this to a pattern match for an actual key + if(!isset($token["tokenkey"])) return false; + if($token["tokenkey"] == "") return false; + } + + // sets the key for a user - this is assuming you dont want // to use one created by the application. returns false // if the key is invalid or the user doesn't exist. @@ -99,12 +90,6 @@ abstract class GoogleAuthenticator { } - // have user? - function userExists($username) { - // need to think about this - } - - // self explanitory? function deleteUser($username) { // oh, we need to figure out how to do thi? @@ -117,6 +102,7 @@ abstract class GoogleAuthenticator { // it function authenticateUser($username, $code) { + if(preg_match("/[0-9][0-9][0-9][0-9][0-9][0-9]/",$code)<1) return false; error_log("begin auth user"); $tokendata = $this->internalGetData($username); $asdf = print_r($tokendata, true); @@ -229,8 +215,11 @@ abstract class GoogleAuthenticator { } // create a url compatibile with google authenticator. - function createURL($user, $key,$toktype = "HOTP") { + function createURL($user) { // oddity in the google authenticator... hotp needs to be lowercase. + $data = $this->internalGetData($user); + $toktype = $data["tokentype"]; + $key = $data["tokenkey"]; $toktype = strtolower($toktype); if($toktype == "hotp") { $url = "otpauth://$toktype/$user?secret=$key&counter=1"; @@ -355,5 +344,15 @@ abstract class GoogleAuthenticator { private $getDatafunction; private $putDatafunction; private $errorText; + private $errorCode; + + /* + * error codes + * 1: Auth Failed + * 2: No Key + * 3: input code was invalid (user input an invalid code - must be 6 numerical digits) + * 4: user doesnt exist? + * 5: key invalid + */ } ?> \ No newline at end of file