feat: dist/ pridan do repa pro server deploy

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-13 09:19:40 +01:00
parent 1d27d19157
commit b2a2937a35
119 changed files with 15628 additions and 1 deletions
--- a/dist/api/admin/totp.php
+++ b/dist/api/admin/totp.php
@@ -0,0 +1,72 @@
+<?php
+
+/**
+ * TOTP 2FA API
+ *
+ * GET  ?action=status           - 2FA status
+ * POST ?action=setup            - generovat secret + QR
+ * POST ?action=enable           - overit kod a aktivovat 2FA
+ * POST ?action=disable          - deaktivovat 2FA
+ * POST ?action=verify           - overit TOTP kod pri loginu (pre-auth)
+ * POST ?action=backup_verify    - overit zalozhni kod pri loginu (pre-auth)
+ */
+
+declare(strict_types=1);
+
+require_once dirname(__DIR__) . '/config.php';
+require_once dirname(__DIR__) . '/includes/JWTAuth.php';
+require_once dirname(__DIR__) . '/includes/AuditLog.php';
+require_once dirname(__DIR__) . '/includes/RateLimiter.php';
+require_once dirname(__DIR__) . '/includes/Encryption.php';
+require_once __DIR__ . '/handlers/totp-handlers.php';
+
+use RobThree\Auth\TwoFactorAuth;
+use RobThree\Auth\TwoFactorAuthException;
+use RobThree\Auth\Providers\Qr\QRServerProvider;
+
+setCorsHeaders();
+setSecurityHeaders();
+setNoCacheHeaders();
+header('Content-Type: application/json; charset=utf-8');
+
+$method = $_SERVER['REQUEST_METHOD'];
+$action = $_GET['action'] ?? '';
+
+try {
+    $pdo = db();
+
+    switch ($action) {
+        case 'status':
+            handleStatus($pdo);
+            break;
+        case 'setup':
+            handleSetup($pdo, getTfa());
+            break;
+        case 'enable':
+            handleEnable($pdo, getTfa());
+            break;
+        case 'disable':
+            handleDisable($pdo, getTfa());
+            break;
+        case 'verify':
+            handleVerify($pdo, getTfa());
+            break;
+        case 'backup_verify':
+            handleBackupVerify($pdo);
+            break;
+        case 'get_required':
+            handleGetRequired($pdo);
+            break;
+        case 'set_required':
+            handleSetRequired($pdo);
+            break;
+        default:
+            errorResponse('Neplatná akce', 400);
+    }
+} catch (PDOException $e) {
+    error_log('TOTP API error: ' . $e->getMessage());
+    errorResponse('Chyba databáze', 500);
+} catch (Exception $e) {
+    error_log('TOTP error: ' . $e->getMessage());
+    errorResponse('Došlo k chybě', 500);
+}