芝麻web文件管理V1.00
编辑当前文件:/home2/sdektunc/.trash/plugins.5/system/webauthn/src/PluginTraits/AdditionalLoginButtons.php
* @license GNU General Public License version 2 or later; see LICENSE.txt */ namespace Joomla\Plugin\System\Webauthn\PluginTraits; // Protect from unauthorized access \defined('_JEXEC') or die(); use Exception; use Joomla\CMS\Factory; use Joomla\CMS\Helper\AuthenticationHelper; use Joomla\CMS\HTML\HTMLHelper; use Joomla\CMS\Language\Text; use Joomla\CMS\Uri\Uri; use Joomla\CMS\User\UserHelper; use Joomla\Plugin\System\Webauthn\Helper\Joomla; /** * Inserts Webauthn buttons into login modules * * @since 4.0.0 */ trait AdditionalLoginButtons { /** * Do I need to I inject buttons? Automatically detected (i.e. disabled if I'm already logged in). * * @var boolean|null * @since 4.0.0 */ protected $allowButtonDisplay = null; /** * Have I already injected CSS and JavaScript? Prevents double inclusion of the same files. * * @var boolean * @since 4.0.0 */ private $injectedCSSandJS = false; /** * Should I allow this plugin to add a WebAuthn login button? * * @return boolean * * @since 4.0.0 */ private function mustDisplayButton(): bool { if (\is_null($this->allowButtonDisplay)) { $this->allowButtonDisplay = false; /** * Do not add a WebAuthn login button if we are already logged in */ try { if (!Factory::getApplication()->getIdentity()->guest) { return false; } } catch (Exception $e) { return false; } /** * Don't try to show a button if we can't figure out if this is a front- or backend page (it's probably a * CLI or custom application). */ try { Joomla::isAdminPage(); } catch (Exception $e) { return false; } /** * Only display a button on HTML output */ if (Joomla::getDocumentType() != 'html') { return false; } /** * WebAuthn only works on HTTPS. This is a security-related limitation of the W3C Web Authentication * specification, not an issue with this plugin :) */ if (!Uri::getInstance()->isSsl()) { return false; } // All checks passed; we should allow displaying a WebAuthn login button $this->allowButtonDisplay = true; } return $this->allowButtonDisplay; } /** * Creates additional login buttons * * @param string $form The HTML ID of the form we are enclosed in * * @return array * * @throws Exception * * @see AuthenticationHelper::getLoginButtons() * * @since 4.0.0 */ public function onUserLoginButtons(string $form): array { // If we determined we should not inject a button return early if (!$this->mustDisplayButton()) { return []; } // Load the language files $this->loadLanguage(); // Load necessary CSS and Javascript files $this->addLoginCSSAndJavascript(); // Return URL $uri = new Uri(Uri::base() . 'index.php'); $uri->setVar(Joomla::getToken(), '1'); // Unique ID for this button (allows display of multiple modules on the page) $randomId = 'plg_system_webauthn-' . UserHelper::genRandomPassword(12) . '-' . UserHelper::genRandomPassword(8); // Set up the JavaScript callback $url = $uri->toString(); // Get local path to image $image = HTMLHelper::_('image', 'plg_system_webauthn/webauthn.svg', '', '', true, true); // If you can't find the image then skip it $image = $image ? JPATH_ROOT . substr($image, \strlen(Uri::root(true))) : ''; // Extract image if it exists $image = file_exists($image) ? file_get_contents($image) : ''; return [ [ 'label' => 'PLG_SYSTEM_WEBAUTHN_LOGIN_LABEL', 'tooltip' => 'PLG_SYSTEM_WEBAUTHN_LOGIN_DESC', 'id' => $randomId, 'data-webauthn-form' => $form, 'data-webauthn-url' => $url, 'svg' => $image, 'class' => 'plg_system_webauthn_login_button', ], ]; } /** * Injects the WebAuthn CSS and Javascript for frontend logins, but only once per page load. * * @return void * * @since 4.0.0 */ private function addLoginCSSAndJavascript(): void { if ($this->injectedCSSandJS) { return; } // Set the "don't load again" flag $this->injectedCSSandJS = true; /** @var \Joomla\CMS\WebAsset\WebAssetManager $wa */ $wa = Factory::getApplication()->getDocument()->getWebAssetManager(); if (!$wa->assetExists('style', 'plg_system_webauthn.button')) { $wa->registerStyle('plg_system_webauthn.button', 'plg_system_webauthn/button.css'); } if (!$wa->assetExists('script', 'plg_system_webauthn.login')) { $wa->registerScript('plg_system_webauthn.login', 'plg_system_webauthn/login.js', [], ['defer' => true], ['core']); } $wa->useStyle('plg_system_webauthn.button') ->useScript('plg_system_webauthn.login'); // Load language strings client-side Text::script('PLG_SYSTEM_WEBAUTHN_ERR_CANNOT_FIND_USERNAME'); Text::script('PLG_SYSTEM_WEBAUTHN_ERR_EMPTY_USERNAME'); Text::script('PLG_SYSTEM_WEBAUTHN_ERR_INVALID_USERNAME'); // Store the current URL as the default return URL after login (or failure) Joomla::setSessionVar('returnUrl', Uri::current(), 'plg_system_webauthn'); } }