admin/tool/mfa/classes/local/form/verification_field.php

   1 <?php
   2 // This file is part of Moodle - http://moodle.org/
   3 //
   4 // Moodle is free software: you can redistribute it and/or modify
   5 // it under the terms of the GNU General Public License as published by
   6 // the Free Software Foundation, either version 3 of the License, or
   7 // (at your option) any later version.
   8 //
   9 // Moodle is distributed in the hope that it will be useful,
  10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12 // GNU General Public License for more details.
  13 //
  14 // You should have received a copy of the GNU General Public License
  15 // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16
  17 namespace tool_mfa\local\form;
  18
  19 defined('MOODLE_INTERNAL') || die();
  20 require_once($CFG->libdir . '/form/text.php');
  21
  22 /**
  23  * MFA Verification code element.
  24  *
  25  * @package     tool_mfa
  26  * @author      Peter Burnett <peterburnett@catalyst-au.net>
  27  * @copyright   Catalyst IT
  28  * @license     http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  29  */
  30 class verification_field extends \MoodleQuickForm_text {
  31
  32     /** @var bool */
  33     private $appendjs;
  34
  35     /**
  36      * Verification field is a text entry box that features some useful extras.
  37      *
  38      * Contains JS to autosubmit the auth page when code is entered, as well as additional styling.
  39      *
  40      * @param array $attributes
  41      * @param boolean $auth is this constructed in auth.php loginform_* definitions. Set to false to prevent autosubmission of form.
  42      */
  43     public function __construct($attributes = null, $auth = true) {
  44         global $PAGE;
  45
  46         // Force attributes.
  47         if (empty($attributes)) {
  48             $attributes = [];
  49         }
  50
  51         $attributes['autocomplete'] = 'one-time-code';
  52         $attributes['inputmode'] = 'numeric';
  53         $attributes['pattern'] = '[0-9]*';
  54         $attributes['class'] = 'tool-mfa-verification-code';
  55
  56         // If we aren't on the auth page, this might be part of a larger form such as for setup.
  57         // We shouldn't autofocus here, as it probably isn't the only element, or main target.
  58         if ($auth) {
  59             $attributes['autofocus'] = 'autofocus';
  60         }
  61
  62         // If we are on the auth page, load JS for element.
  63         $this->appendjs = false;
  64         if ($auth) {
  65             if ($PAGE->pagelayout === 'secure') {
  66                 $this->appendjs = true;
  67             } else {
  68                 $PAGE->requires->js_call_amd('tool_mfa/autosubmit_verification_code', 'init', []);
  69             }
  70         }
  71
  72         // Force element name to match JS.
  73         $elementname = 'verificationcode';
  74         $elementlabel = get_string('verificationcode', 'tool_mfa');
  75
  76         return parent::__construct($elementname, $elementlabel, $attributes);
  77     }
  78
  79     // @codingStandardsIgnoreStart
  80     /**
  81      * Returns HTML for this form element.
  82      *
  83      * @return string
  84      */
  85     public function toHtml() {
  86         // Empty the value after all attributes decided.
  87         $this->_attributes['value'] = '';
  88         $result = parent::toHtml();
  89
  90         $submitjs = "<script>
  91             document.querySelector('#id_verificationcode').addEventListener('keyup', function() {
  92                 if (this.value.length == 6) {
  93                     // Submits the closes form (parent).
  94                     this.closest('form').submit();
  95                 }
  96             });
  97             </script>";
  98
  99         if ($this->appendjs) {
 100             $result .= $submitjs;
 101         }
 102         return $result;
 103     }
 104     // @codingStandardsIgnoreEnd
 105
 106     /**
 107      * Setup and return the script for autosubmission while inside the secure layout.
 108      *
 109      * @return string the JS to inline attach to the rendered object.
 110      */
 111     public function secure_js(): string {
 112         // Empty the value after all attributes decided.
 113         $this->_attributes['value'] = '';
 114
 115         return "<script>
 116             document.querySelector('#id_verificationcode').addEventListener('keyup', function() {
 117                 if (this.value.length == 6) {
 118                     // Submits the closes form (parent).
 119                     this.closest('form').submit();
 120                 }
 121             });
 122         </script>";
 123     }
 124 }