added totp_only_on_ip_change

application/config/aauth.php

@@ -58,8 +58,8 @@
 $config['aauth']['recaptcha_secret'] = '';
 
 $config['aauth']['totp_active'] = false;
+$config['aauth']['totp_only_on_ip_change'] = false;
 $config['aauth']['totp_reset_over_reset_password'] = false;
-
 // login attempts time interval
 // default 20 times in one hour
 $config['aauth']['max_login_attempt'] = 10;

application/libraries/Aauth.php

@@ -236,7 +236,7 @@ public function login($identifier, $pass, $remember = FALSE, $totp_code = NULL)
 			}
 		}
 
-	 	if($this->config_vars['totp_active'] == TRUE){
+	 	if($this->config_vars['totp_active'] == TRUE AND $this->config_vars['totp_only_on_ip_change'] == FALSE){
 			$query = null;
 			$query = $this->aauth_db->where($db_identifier, $identifier);
 			$query = $this->aauth_db->get($this->config_vars['users']);
@@ -255,6 +255,32 @@ public function login($identifier, $pass, $remember = FALSE, $totp_code = NULL)
 				}
 			}
 	 	}
+
+	 	if($this->config_vars['totp_active'] == TRUE AND $this->config_vars['totp_only_on_ip_change'] == TRUE){
+			$query = null;
+			$query = $this->aauth_db->where($db_identifier, $identifier);
+			$query = $this->aauth_db->get($this->config_vars['users']);
+			$totp_secret =  $query->row()->totp_secret;
+			$ip_address = $query->row()->ip_address;
+			$current_ip_address = $this->CI->input->ip_address();
+			if ($query->num_rows() > 0 AND !$totp_code) {
+				if($ip_address != $current_ip_address ){
+					$this->error($this->CI->lang->line('aauth_error_totp_code_required'));
+					return FALSE;
+				}
+			}else {
+				if(!empty($totp_secret)){
+					if($ip_address != $current_ip_address ){
+						$ga = new PHPGangsta_GoogleAuthenticator();
+						$checkResult = $ga->verifyCode($totp_secret, $totp_code, 0);
+						if (!$checkResult) {
+							$this->error($this->CI->lang->line('aauth_error_totp_code_invalid'));
+							return FALSE;
+						}
+					}
+				}
+			}
+	 	}
 
 		// if email and pass matches and not banned
 		if ( $query->num_rows() > 0 ) {