Security.cfc
/**
 * Login flow handler: renders the login form, checks username/password
 * (optionally gated by a reCAPTCHA check), drives the second-factor
 * (one-time passcode) step, logs the user out, and exposes a password
 * strength estimate as JSON.
 *
 * All credential, captcha and one-time-password decisions are delegated to
 * the injected services; this component only routes between views/events.
 */
component extends="coldbox.system.EventHandler"{

	property name="userService" inject="users.UserService";
	property name="securityService" inject="security.SecurityService";
	property name="captchaService" inject="security.CaptchaService";
	property name="passwordEstimator" inject="security.PasswordStrengthEstimator";

	// NOTE(review): no HTTP-verb restriction is declared in this component, so
	// every action below is reachable with any method unless routing limits it.
	// Confirm that authenticate, verifyCode and estimatePasswordStrength only
	// accept POST, so credentials never travel in a query string.

	/**
	 * Runs before every action in this handler and copies the reCAPTCHA
	 * settings into the private request collection for actions and views.
	 */
	any function preHandler( event, rc, prc, action, eventArguments ){
		for ( var settingName in [ "RECAPTCHA_ENABLED", "RECAPTCHA_SITE_KEY" ] ) {
			prc[ settingName ] = getSetting( settingName );
		}
	}

	/**
	 * Shows the login form with an empty status message.
	 */
	any function login( event, rc, prc ){
		prc.message = "";
		event.setView("security/login");
	}

	/**
	 * Ends the session through the security service and returns to the login event.
	 */
	any function logout( event, rc, prc ){
		securityService.logout();
		setNextEvent("login");
	}

	/**
	 * First authentication step: optional captcha check, then username/password.
	 * On success relocates to the second-factor step when the security service
	 * requires it, otherwise straight to the application; on failure re-renders
	 * the login view with a message.
	 */
	any function authenticate( event, rc, prc ) {
		// Default the expected inputs so missing fields are treated as empty strings.
		event.paramValue("username","");
		event.paramValue("password","");
		event.paramValue("g-recaptcha-response","");
		prc.message = "";

		// The captcha is only verified when the feature is switched on.
		if ( prc.RECAPTCHA_ENABLED && !captchaService.verify( event.getValue("g-recaptcha-response") ) ) {
			prc.message = "Invalid request!";
			event.setView("security/login");
			return;
		}

		// NOTE(review): no attempt throttling or lockout is visible in this handler,
		// and with the captcha disabled nothing here slows password guessing;
		// confirm SecurityService enforces it.
		var credentialsAccepted = securityService.checkUsernameAndPassword(rc.username,rc.password);

		if ( !credentialsAccepted ) {
			// One message for both bad username and bad password: no account enumeration hint.
			prc.message = "The username and password combination is invalid!";
			event.setView("security/login");
			return;
		}

		// NOTE(review): presumably the security service records step-1 state in the
		// session; confirm the session identifier is rotated on successful login.
		setNextEvent( securityService.isStep2Required() ? "login/step2" : "recipes" );
	}

	/**
	 * Shows the second-factor form, but only after step 1 has been passed;
	 * otherwise sends the visitor back to the login event.
	 */
	any function step2( event, rc, prc ) {
		if ( !securityService.isStep1Valid() ) {
			setNextEvent("login");
			return;
		}
		event.setView("security/step2");
	}

	/**
	 * Second authentication step: checks the submitted one-time passcode.
	 * A request without a valid step 1 or without a passcode is relocated to
	 * the login event without any verification attempt.
	 */
	any function verifyCode( event, rc, prc ) {
		event.paramValue("passcode","");

		if ( !securityService.isStep1Valid() || !len( rc.passcode ) ) {
			setNextEvent("security.login");
			return;
		}

		if ( securityService.verifyOneTimePassword( rc.passcode ) ) {
			setNextEvent("recipes");
			return;
		}

		// A wrong passcode calls logout() before re-rendering the login form;
		// presumably that discards the step-1 state so each password entry
		// gets a single passcode attempt - verify against SecurityService.
		securityService.logout();
		prc.message = "Two-factor authentication failed.";
		event.setView("security/login");
	}

	/**
	 * Returns the password strength estimate for the submitted password,
	 * serialized as a JSON string.
	 */
	any function estimatePasswordStrength( event, rc, prc ) {
		event.paramValue("password","");
		// NOTE(review): the candidate password arrives as a plain request parameter
		// and the JSON goes back as a bare string; confirm the response content
		// type is application/json and that this parameter is not written to
		// access or application logs.
		var strengthEstimate = passwordEstimator.estimate( rc.password );
		return serializeJSON( strengthEstimate );
	}

}