tokendata = $token; } public function getData($username) { global $twofa; $tokendata = $this->tokendata ? $this->tokendata : $twofa->getUserSetting('tokendata'); return $tokendata; } public function putData($username, $data) { global $twofa; $twofa->saveUserSettings(array( 'tokendata' => $data )); return true; } public function getUsers() { return false; } } function totp_config() { $licensing = WHMCS_License::getinstance(); $licensedata = $licensing->getKeyData('configoptions'); $totpenabled = array_key_exists('TOTP', $licensedata) ? $licensedata['TOTP'] : 0; $configarray = array( 'FriendlyName' => array( 'Type' => 'System', 'Value' => "Time-based HMAC One-Time Password (TOTP)" ), 'Description' => array( 'Type' => 'System', 'Value' => "TOTP requires that a user enter a 6 digit code that changes every 30 seconds to complete login. This works with mobile apps such as OATH Token and Google Authenticator.

For more information about Time Based Tokens, please click here." . ($totpenabled ? '' : "

Just \$1.50 per month (unlimited users)") ), 'Licensed' => array( 'Type' => 'System', 'Value' => $totpenabled ? true : false ), 'SubscribeLink' => array( 'Type' => 'System', 'Value' => "http://nullrefer.com/?http://go.whmcs.com/114/totp" ) ); return $configarray; } function totp_activate($params) { $whmcs = WHMCS_Application::getinstance(); if($whmcs->get_req_var('showqrimage')) { if(!isset($_SESSION['totpqrurl'])) { exit(); } include(ROOTDIR . "/modules/security/totp/phpqrcode.php"); QRcode::png($_SESSION['totpqrurl'], false, 6, 6); exit(); } $username = $params['user_info']['username']; $tokendata = isset($params['user_settings']['tokendata']) ? $params['user_settings']['tokendata'] : ''; totp_loadgaclass(); $gaotp = new MyOauth(); $username = $whmcs->sanitize('a-z', $whmcs->get_config('CompanyName')) . ":" . $username; if($whmcs->get_req_var('step') == 'verify') { $verifyfail = false; if($whmcs->get_req_var('verifykey')) { $ans = $gaotp->authenticateUser($username, $whmcs->get_req_var('verifykey')); if($ans) { $output = array(); $output['completed'] = true; $output['msg'] = "Key Verified Successfully!"; $output['settings'] = array( 'tokendata' => $tokendata ); return $output; } $verifyfail = true; } $output = "

" . $whmcs->get_lang('twoipverificationstep') . "

" . $whmcs->get_lang('twoipverificationstepmsg') . "

"; if($verifyfail) { $output .= "

" . $whmcs->get_lang('twoipverificationerror') . "
" . $whmcs->get_lang('twoipcodemissmatch') . "

"; } $output .= ""; } else { $key = $gaotp->setUser($username, 'TOTP'); $url = $gaotp->createUrl($username); $_SESSION['totpqrurl'] = $url; $output = "

" . $whmcs->get_lang('twoiptimebasedpassword') . "

" . $whmcs->get_lang('twoiptimebasedexplain') . "

" . $whmcs->get_lang('twoipconfigureapp') . "

" . $whmcs->get_lang('twoipconfigurestep1') . "
" . $whmcs->get_lang('twoipconfigurestep2') . "\"" . $gaotp->getKey($username) . "\"

" . (function_exists('imagecreate') ? "

" : "" . ${$whmcs}->get_lang('twoipgdmissing') . "") . "

"; } return $output; } function totp_challenge($params) { $whmcs = WHMCS_Application::getinstance(); $output = ""; return $output; } function totp_get_used_otps() { $whmcs = WHMCS_Application::getinstance(); $usedotps = $whmcs->get_config('TOTPUsedOTPs'); $usedotps = $usedotps ? unserialize($usedotps) : array(); if(!is_array($usedotps)) { $usedotps = array(); } return $usedotps; } function totp_verify($params) { $whmcs = WHMCS_Application::getinstance(); $username = $params['admin_info']['username']; $tokendata = $params['admin_settings']['tokendata']; $key = $params['post_vars']['key']; totp_loadgaclass(); $gaotp = new MyOauth(); $gaotp->setTokenData($tokendata); $username = "WHMCS:" . $username; $usedotps = totp_get_used_otps(); $hash = md5($username . $key); if(array_key_exists($hash, $usedotps)) { return false; } $ans = false; $ans = $gaotp->authenticateUser($username, $key); if($ans) { $usedotps[$hash] = time(); $expiretime = time() - 5 * 60; foreach($usedotps as $k => $time) { if($time < $expiretime) { unset($usedotps[$k]); } else { break; } } $whmcs->set_config('TOTPUsedOTPs', serialize($usedotps)); } return $ans; } function totp_loadgaclass() { if(!class_exists('GoogleAuthenticator')) { include(ROOTDIR . "/modules/security/totp/ga4php.php"); class MyOauth extends GoogleAuthenticator { private $tokendata = ''; public function setTokenData($token) { $this->tokendata = $token; } public function getData($username) { global $twofa; $tokendata = $this->tokendata ? $this->tokendata : $twofa->getUserSetting('tokendata'); return $tokendata; } public function putData($username, $data) { global $twofa; $twofa->saveUserSettings(array( 'tokendata' => $data )); return true; } public function getUsers() { return false; } } } }