boha_admin/app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
758be819c3e0d0670b248b9977686e510ad93957
app/api/admin/totp.php
Simon bb2bbb8ff6 feat: mobilni responsivita, testy, klavesove zkratky, drag & drop, univerzalizace 
- Mobile responsive CSS (touch targets 44px, iOS anti-zoom, reduced motion)
- Vitest setup s 39 testy (formatters, attendanceHelpers, useTableSort)
- Klavesove zkratky (Shift+? napoveda, Ctrl+S ulozit, navigace)
- Drag & drop pro polozky nabidek (@dnd-kit, SortableRow, useSortableList)
- Univerzalizace: odstraneni BOHA brandingu z UI, emailu, PDF
- Smazany nepotrebne soubory (deploy.sh, AUTH_SYSTEM.md, example_design, .htaccess)
- CORS konfigurovatelny pres env promennou

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-12 17:33:37 +01:00

73 lines
2.1 KiB
PHP
Raw Blame History

<?php
/**
* TOTP 2FA API
*
* GET ?action=status - 2FA status
* POST ?action=setup - generovat secret + QR
* POST ?action=enable - overit kod a aktivovat 2FA
* POST ?action=disable - deaktivovat 2FA
* POST ?action=verify - overit TOTP kod pri loginu (pre-auth)
* POST ?action=backup_verify - overit zalozhni kod pri loginu (pre-auth)
*/
declare(strict_types=1);
require_once dirname(__DIR__) . '/config.php';
require_once dirname(__DIR__) . '/includes/JWTAuth.php';
require_once dirname(__DIR__) . '/includes/AuditLog.php';
require_once dirname(__DIR__) . '/includes/RateLimiter.php';
require_once dirname(__DIR__) . '/includes/Encryption.php';
require_once __DIR__ . '/handlers/totp-handlers.php';
use RobThree\Auth\TwoFactorAuth;
use RobThree\Auth\TwoFactorAuthException;
use RobThree\Auth\Providers\Qr\QRServerProvider;
setCorsHeaders();
setSecurityHeaders();
setNoCacheHeaders();
header('Content-Type: application/json; charset=utf-8');
$method = $_SERVER['REQUEST_METHOD'];
$action = $_GET['action'] ?? '';
try {
$pdo = db();
switch ($action) {
case 'status':
handleStatus($pdo);
break;
case 'setup':
handleSetup($pdo, getTfa());
break;
case 'enable':
handleEnable($pdo, getTfa());
break;
case 'disable':
handleDisable($pdo, getTfa());
break;
case 'verify':
handleVerify($pdo, getTfa());
break;
case 'backup_verify':
handleBackupVerify($pdo);
break;
case 'get_required':
handleGetRequired($pdo);
break;
case 'set_required':
handleSetRequired($pdo);
break;
default:
errorResponse('Neplatná akce', 400);
}
} catch (PDOException $e) {
error_log('TOTP API error: ' . $e->getMessage());
errorResponse('Chyba databáze', 500);
} catch (Exception $e) {
error_log('TOTP error: ' . $e->getMessage());
errorResponse('Došlo k chybě', 500);
}
Reference in New Issue View Git Blame Copy Permalink