magento-hackathon/Magento-Two-factor-Authentication

src/app/code/community/MageHackDay/TwoFactorAuth/controllers/CustomerController.php

<?php

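/**
 * Customer-facing controller for the two-factor authentication settings page.
 *
 * Every action is gated by preDispatch(): the frontend feature must be active
 * and the visitor must pass the customer session's authenticate() check.
 */
class MageHackDay_TwoFactorAuth_CustomerController extends Mage_Core_Controller_Front_Action
{
    /**
     * Gate all actions of this controller.
     *
     * Forwards to 'defaultNoRoute' when the twofactorauth helper reports the
     * frontend feature as inactive, then runs the parent pre-dispatch and sets
     * the 'no-dispatch' flag when the customer session refuses to authenticate
     * this request.
     *
     * @return void
     */
    public function preDispatch()
    {
        if (!Mage::helper('twofactorauth')->isFrontendActive()) {
            // NOTE(review): execution continues after the forward, so the parent
            // pre-dispatch and the authenticate() check below still run.
            $this->_forward('defaultNoRoute');
        }
        parent::preDispatch();
        if (!Mage::getSingleton('customer/session')->authenticate($this)) {
            // Not authenticated: make sure the requested action is not executed.
            $this->setFlag('', 'no-dispatch', true);
        }
    }

    /**
     * Render the two-factor configuration page through the layout.
     *
     * @return void
     */
    public function configureAction()
    {
        $this->loadLayout();
        $this->renderLayout();
    }

    /**
     * Persist the customer's two-factor settings and redirect back to the
     * configuration page.
     *
     * Request parameters read: 'enabled' (truthy to enable), 'code' (the
     * one-time code) and 'secret' (the shared secret to enrol).
     *
     * Enabling is accepted only when a non-empty code verifies against a
     * non-empty secret; otherwise nothing is saved and an error is shown.
     * A falsy 'enabled' clears the stored token and turns the feature off.
     *
     * @return Mage_Core_Controller_Varien_Action
     */
    public function saveAction()
    {
        $configureRoute = 'twofactorauth/customer/configure';

        // CSRF protection: a missing or wrong form key changes nothing.
        if (!$this->_validateFormKey()) {
            return $this->_redirect($configureRoute);
        }

        $request  = $this->getRequest();
        $customer = Mage::getSingleton('customer/session')->getCustomer();

        // Collapse the raw parameter to 0/1 so no request-controlled value is
        // persisted as the "enabled" flag.
        $enable = $request->getParam('enabled', 0) ? 1 : 0;
        $code   = $request->getParam('code');
        $secret = $request->getParam('secret');

        try {
            if ($enable) {
                // Enabling must always be backed by a verified code. Without
                // this, enabled=1 with no code would switch the flag on with no
                // proof that the customer's authenticator holds the secret.
                // Array or empty parameters are rejected before they reach the
                // helper.
                //
                // NOTE(review): the secret is taken from the request, so the
                // browser decides which shared secret gets stored. Consider
                // generating it server-side, keeping it in the customer session
                // until verified, and ignoring the posted value.
                $verified = is_string($code) && $code !== ''
                    && is_string($secret) && $secret !== ''
                    && Mage::helper('twofactorauth/auth')->verifyCode($code, $secret);

                if (!$verified) {
                    throw new MageHackDay_TwoFactorAuth_Model_Exception('The secret code you entered was invalid.');
                }

                $customer->setTwofactorauthToken($secret);
            } else {
                // NOTE(review): turning 2FA off needs only a logged-in session
                // and a form key. Whoever holds a live session can remove the
                // second factor; consider requiring a current code or password
                // re-entry here.
                $customer->setTwofactorauthToken(null);
            }

            $customer
                ->setTwofactorauthEnabled($enable)
                ->save();

            // NOTE(review): successes go to core/session while errors go to
            // customer/session - confirm the configure layout renders both.
            if ($enable) {
                Mage::getSingleton('core/session')->addSuccess($this->__('The subscription has been saved.'));
            } else {
                Mage::getSingleton('core/session')->addSuccess($this->__('The subscription has been removed.'));
            }
        } catch (MageHackDay_TwoFactorAuth_Model_Exception $e) {
            // Module exceptions carry a message intended for the customer.
            Mage::getSingleton('customer/session')->addError($this->__($e->getMessage()));
        } catch (Exception $e) {
            // Keep the customer-facing text generic, but record the cause so a
            // failing save is visible to operators.
            Mage::logException($e);
            Mage::getSingleton('customer/session')->addError($this->__('An error occurred while saving your settings.'));
        }

        return $this->_redirect($configureRoute);
    }
}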