[php] 123
Viewer
- if (isset($_GET['webauthn'])) {
- try {
- $webauthn = new \Davidearl\WebAuthn\WebAuthn($_SERVER['HTTP_HOST']);
- switch(TRUE){
- case isset($_POST['checkmfa']):
- $key = $core->query('SELECT webauthnkeys FROM accounts WHERE id = ? LIMIT 1', $data['id'])->fetchArray();
- $j['challenge'] = $webauthn->prepareForLogin($key['webauthnkeys']);
- break;
- case isset($_POST['confirmcheck']):
- $key = $core->query('SELECT webauthnkeys FROM accounts WHERE id = ? LIMIT 1', $data['id'])->fetchArray();
- if (! $webauthn->authenticate($_POST['confirmcheck'], $key['webauthnkeys'])) {
- http_response_code(401);
- echo 'failed to authenticate with that key';
- exit;
- }
- $j = 'ok';
- // Login
- session_regenerate_id();
- $_SESSION['loggedin'] = TRUE;
- $_SESSION['name'] = $data['username'];
- $_SESSION['id'] = $data['id'];
- break;
- default:
- http_response_code(400);
- echo "unrecognized POST\n";
- break;
- }
- } catch(Exception $ex) {
- oops($ex->getMessage());
- }
- }
Editor
You can edit this paste and save as new: