diff --git a/public_html/admin/install/config-install.php b/public_html/admin/install/config-install.php
index 77b50c7f6..17d9fdd7b 100644
--- a/public_html/admin/install/config-install.php
+++ b/public_html/admin/install/config-install.php
@@ -2,7 +2,7 @@
/* Reminder: always indent with 4 spaces (no tabs). */
// +---------------------------------------------------------------------------+
-// | Geeklog 2.1 |
+// | Geeklog 2.2 |
// +---------------------------------------------------------------------------+
// | config-install.php |
// | |
@@ -275,7 +275,8 @@ function install_config()
$c->add('login_speedlimit',300,'text',4,18,NULL,1700,TRUE, $me, 18);
$c->add('invalidloginattempts',7,'text',4,18,NULL,1710,TRUE, $me, 18);
$c->add('invalidloginmaxtime',1200,'text',4,18,NULL,1720,TRUE, $me, 18);
-
+ $c->add('enable_twofactorauth',0,'select',4,18,NULL,1730,TRUE, $me, 18);
+
// password options
$c->add('fs_pass', NULL, 'fieldset', 4, 42, NULL, 0, TRUE, $me, 18);
$c->add('pass_alg', 1, 'select', 4, 42, 29, 800, TRUE, $me, 18);
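Review bot: The new `enable_twofactorauth` entry is declared as a `select` but passes `NULL` as the selection-array argument, while the neighbouring select `pass_alg` passes an index (29). If the configuration UI needs that index to render the choices, this option may show no values, so confirm which list applies and pass its index in place of `NULL`. The same call is repeated in `update_ConfValuesFor220()` in both sql/updates scripts. A short comment above the line, for example `// two factor authentication: site-wide switch, 0 = off by default`, would also make the default explicit. install_config() starts and ends outside the hunk.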
diff --git a/sql/mysql_tableanddata.php b/sql/mysql_tableanddata.php
index 5a07722be..ebd79deef 100644
--- a/sql/mysql_tableanddata.php
+++ b/sql/mysql_tableanddata.php
@@ -497,6 +497,8 @@
num_reminders tinyint(1) NOT NULL default 0,
invalidlogins SMALLINT NOT NULL DEFAULT '0',
lastinvalid int(10) unsigned default NULL,
+ twofactorauth_enabled TINYINT(3) NOT NULL DEFAULT 0,
+ twofactorauth_secret VARCHAR(255) NOT NULL DEFAULT '',
PRIMARY KEY (uid),
KEY LOGIN (uid,passwd,username),
INDEX users_username(username),
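Review bot: Nothing in this schema says whether `twofactorauth_secret` holds the raw shared secret or a protected form of it. If it is stored raw, anyone who can read the users table (for example from a leaked database dump) can derive valid one-time codes for every enrolled account. Consider storing the value encrypted with a key kept outside the database, and state the expected format in a comment above the `CREATE TABLE` string, e.g. `// twofactorauth_secret: encrypted shared secret, '' = not enrolled`. The same column is added in sql/pgsql_tableanddata.php and in both sql/updates scripts. Separately, `TINYINT(3)` here and `TINYINT(1)` for `is_used` in the new backup_codes table are inconsistent for what both look like boolean flags.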
@@ -515,6 +517,15 @@
) ENGINE=MyISAM
";
+$_SQL[] = "
+CREATE TABLE {$_TABLES['backup_codes']} (
+ code VARCHAR(16) NOT NULL UNIQUE,
+ uid MEDIUMINT(8) NOT NULL DEFAULT 0,
+ is_used TINYINT(1) NOT NULL DEFAULT 0,
+ PRIMARY KEY (code)
+) ENGINE=MyISAM
+";
+
// Data
$_DATA[] = "INSERT INTO {$_TABLES['access']} (acc_ft_id, acc_grp_id) VALUES (1,3) ";
$_DATA[] = "INSERT INTO {$_TABLES['access']} (acc_ft_id, acc_grp_id) VALUES (2,3) ";
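Review bot: The `code VARCHAR(16)` column in the new backup_codes table is only wide enough for the codes themselves, so they would apparently be stored in plaintext, although each one substitutes for the second factor. Storing a hash is safer, which needs a wider column and a key that includes the user: `code_hash VARCHAR(255) NOT NULL,` with `PRIMARY KEY (uid, code_hash)`. As written, `UNIQUE` is redundant next to `PRIMARY KEY (code)`. Keying on `code` alone also makes codes globally unique across users and leaves lookups by `uid` unindexed. The same definition appears in sql/pgsql_tableanddata.php and in both sql/updates scripts.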
diff --git a/sql/pgsql_tableanddata.php b/sql/pgsql_tableanddata.php
index 43b7439f9..dc96aa3c6 100644
--- a/sql/pgsql_tableanddata.php
+++ b/sql/pgsql_tableanddata.php
@@ -496,6 +496,8 @@
num_reminders smallint NOT NULL default 0,
invalidlogins SMALLINT NOT NULL DEFAULT '0',
lastinvalid int(10) unsigned default NULL,
+ twofactorauth_enabled SMALLINT NOT NULL DEFAULT 0,
+ twofactorauth_secret VARCHAR(255) NOT NULL DEFAULT '',
PRIMARY KEY (uid)
);
CREATE INDEX {$_TABLES['users']}_LOGIN ON {$_TABLES['users']}(uid,passwd,username);
@@ -514,6 +516,15 @@
)
";
+$_SQL[] = "
+CREATE TABLE {$_TABLES['backup_codes']} (
+ code VARCHAR(16) NOT NULL UNIQUE,
+ uid INT NOT NULL DEFAULT 0,
+ is_used SMALLINT NOT NULL DEFAULT 0,
+ PRIMARY KEY (code)
+)
+";
+
$_SQL[] = "
CREATE OR REPLACE FUNCTION UNIX_TIMESTAMP(timestamp with time zone) RETURNS integer AS '
SELECT ROUND(EXTRACT(EPOCH FROM ABSTIME($1)))::int4 AS result;
diff --git a/sql/updates/mysql_2.1.3_to_2.2.0.php b/sql/updates/mysql_2.1.3_to_2.2.0.php
index e9116cfa6..76ef074cc 100644
--- a/sql/updates/mysql_2.1.3_to_2.2.0.php
+++ b/sql/updates/mysql_2.1.3_to_2.2.0.php
@@ -25,6 +25,20 @@
$_SQL[] = "ALTER TABLE `{$_TABLES['users']}` ADD `invalidlogins` SMALLINT NOT NULL DEFAULT '0' AFTER `num_reminders`";
$_SQL[] = "ALTER TABLE `{$_TABLES['users']}` ADD `lastinvalid` INT(10) UNSIGNED NULL DEFAULT NULL AFTER `invalidlogins`";
+// Add columns for two factor authentication
+$_SQL[] = "ALTER TABLE `{$_TABLES['users']}` ADD `twofactorauth_enabled` TINYINT(3) NOT NULL DEFAULT 0 AFTER `lastinvalid`";
+$_SQL[] = "ALTER TABLE `{$_TABLES['users']}` ADD `twofactorauth_secret` VARCHAR(255) NOT NULL DEFAULT '' AFTER `twofactorauth_enabled`";
+
+// Add a table to store backup codes for two factor authentication
+$_SQL[] = "
+CREATE TABLE {$_TABLES['backup_codes']} (
+ code VARCHAR(16) NOT NULL UNIQUE,
+ uid MEDIUMINT(8) NOT NULL DEFAULT 0,
+ is_used TINYINT(1) NOT NULL DEFAULT 0,
+ PRIMARY KEY (code)
+) ENGINE=MyISAM
+";
+
/**
* Upgrade Messages
*/
@@ -75,6 +89,9 @@ function update_ConfValuesFor220()
// Hidden config option for Core used to determine language of article url (see _getLanguageInfoFromURL in lib-common)
$c->add('langurl_article',array('', 'article.php', 'story'),'@hidden',7,31,1,1830,TRUE, $me, 31);
+ // Add a config option to decide whether to globally allow two factor auth
+ $c->add('enable_twofactorauth',0,'select',4,18,NULL,1730,TRUE, $me, 18);
+
return true;
}
diff --git a/sql/updates/pgsql_2.1.3_to_2.2.0.php b/sql/updates/pgsql_2.1.3_to_2.2.0.php
index 219b4e70a..50b2462ce 100644
--- a/sql/updates/pgsql_2.1.3_to_2.2.0.php
+++ b/sql/updates/pgsql_2.1.3_to_2.2.0.php
@@ -25,6 +25,20 @@
$_SQL[] = "ALTER TABLE `{$_TABLES['users']}` ADD `invalidlogins` SMALLINT NOT NULL DEFAULT '0' AFTER `num_reminders`";
$_SQL[] = "ALTER TABLE `{$_TABLES['users']}` ADD `lastinvalid` INT(10) UNSIGNED NULL DEFAULT NULL AFTER `invalidlogins`";
+// Add columns for two factor authentication
+$_SQL[] = "ALTER TABLE `{$_TABLES['users']}` ADD `twofactorauth_enabled` SMALLINT NOT NULL DEFAULT 0 AFTER `lastinvalid`";
+$_SQL[] = "ALTER TABLE `{$_TABLES['users']}` ADD `twofactorauth_secret` VARCHAR(255) NOT NULL DEFAULT '' AFTER `twofactorauth_enabled`";
+
+// Add a table to store backup codes for two factor authentication
+$_SQL[] = "
+CREATE TABLE {$_TABLES['backup_codes']} (
+ code VARCHAR(16) NOT NULL UNIQUE,
+ uid INT NOT NULL DEFAULT 0,
+ is_used SMALLINT NOT NULL DEFAULT 0,
+ PRIMARY KEY (code)
+)
+";
+
/**
* Upgrade Messages
*/
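Review bot: The two added `ALTER TABLE` statements in this PostgreSQL update script use backtick-quoted identifiers and an `AFTER` clause, both of which are MySQL syntax that PostgreSQL does not accept. The surrounding context lines follow the same pattern, so the database layer may rewrite these queries; if it does not, the upgrade would fail before the two-factor columns exist. A portable form would be `ALTER TABLE {$_TABLES['users']} ADD COLUMN twofactorauth_enabled SMALLINT NOT NULL DEFAULT 0` and the equivalent for `twofactorauth_secret`. Whichever applies, a comment stating that the script relies on query rewriting would help the next maintainer.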
@@ -75,6 +89,9 @@ function update_ConfValuesFor220()
// Hidden config option for Core used to determine language of article url (see _getLanguageInfoFromURL in lib-common)
$c->add('langurl_article',array('', 'article.php', 'story'),'@hidden',7,31,1,1830,TRUE, $me, 31);
+ // Add a config option to decide whether to globally allow two factor auth
+ $c->add('enable_twofactorauth',0,'select',4,18,NULL,1730,TRUE, $me, 18);
+
return true;
}
diff --git a/system/lib-database.php b/system/lib-database.php
index ded35a28c..19218122e 100644
--- a/system/lib-database.php
+++ b/system/lib-database.php
@@ -51,6 +51,7 @@
$_TABLES['access'] = $_DB_table_prefix . 'access';
$_TABLES['article_images'] = $_DB_table_prefix . 'article_images';
+$_TABLES['backup_codes'] = $_DB_table_prefix . 'backup_codes';
$_TABLES['blocks'] = $_DB_table_prefix . 'blocks';
$_TABLES['commentedits'] = $_DB_table_prefix . 'commentedits';
$_TABLES['commentnotifications'] = $_DB_table_prefix . 'commentnotifications';