fixes mfa escape from form
parent
ee09d848cb
commit
d9e1de7832
4 changed files with 31 additions and 20 deletions
|
@ -14,10 +14,6 @@ class Totp_check extends Controller
|
||||||
{
|
{
|
||||||
$retval = ['status' => false];
|
$retval = ['status' => false];
|
||||||
|
|
||||||
if (!local_channel()) {
|
|
||||||
json_return_and_die($retval);
|
|
||||||
}
|
|
||||||
|
|
||||||
$account = App::get_account();
|
$account = App::get_account();
|
||||||
if (!$account) {
|
if (!$account) {
|
||||||
json_return_and_die($retval);
|
json_return_and_die($retval);
|
||||||
|
|
|
@ -309,6 +309,13 @@ if (
|
||||||
$atoken = $verify['xchan'];
|
$atoken = $verify['xchan'];
|
||||||
$channel = $verify['channel'];
|
$channel = $verify['channel'];
|
||||||
$account = App::$account = $verify['account'];
|
$account = App::$account = $verify['account'];
|
||||||
|
$multiFactor = AConfig::Get(App::$account['account_id'], 'system', 'mfa_enabled');
|
||||||
|
if ($multiFactor) {
|
||||||
|
$_SESSION['2FA_REQUIRED'] = true;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
unset($_SESSION['2FA_REQUIRED']);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (App::$account) {
|
if (App::$account) {
|
||||||
|
|
|
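Review bot: The block added after `$account = App::$account = $verify['account'];` sets or clears `$_SESSION['2FA_REQUIRED']` but leaves `$_SESSION['2FA_VERIFIED']` untouched, while authenticate_success accepts a non-empty `2FA_VERIFIED` as enough to load a channel and skip the TOTP redirect. If that value can survive from an earlier login in the same session (whether logout or session regeneration clears it is not visible here), a fresh password login would inherit it. I would reset it here with `unset($_SESSION['2FA_VERIFIED']);` before the `if ($multiFactor)` test, so that every password verification starts unverified. The enclosing `if (` block starts and ends outside the hunk.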
@ -30,19 +30,27 @@ function authenticate_success($user_record, $channel = false, $login_initial = f
|
||||||
$_SESSION['account_id'] = $user_record['account_id'];
|
$_SESSION['account_id'] = $user_record['account_id'];
|
||||||
$_SESSION['authenticated'] = 1;
|
$_SESSION['authenticated'] = 1;
|
||||||
|
|
||||||
if ($channel) {
|
$canChangeChannel = empty($_SESSION['2FA_REQUIRED']);
|
||||||
$uid_to_load = $channel['channel_id'];
|
if (!empty($_SESSION['2FA_VERIFIED'])) {
|
||||||
|
$canChangeChannel = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (! isset($uid_to_load)) {
|
if ($canChangeChannel) {
|
||||||
$uid_to_load = (((x($_SESSION, 'uid')) && (intval($_SESSION['uid'])))
|
|
||||||
? intval($_SESSION['uid'])
|
|
||||||
: intval(App::$account['account_default_channel'])
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($uid_to_load) {
|
if ($channel) {
|
||||||
change_channel($uid_to_load);
|
$uid_to_load = $channel['channel_id'];
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!isset($uid_to_load)) {
|
||||||
|
$uid_to_load = (((x($_SESSION, 'uid')) && (intval($_SESSION['uid'])))
|
||||||
|
? intval($_SESSION['uid'])
|
||||||
|
: intval(App::$account['account_default_channel'])
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($uid_to_load) {
|
||||||
|
change_channel($uid_to_load);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (($login_initial || $update_lastlog) && (! (isset($_SESSION['sudo']) && $_SESSION['sudo']))) {
|
if (($login_initial || $update_lastlog) && (! (isset($_SESSION['sudo']) && $_SESSION['sudo']))) {
|
||||||
|
@ -59,13 +67,13 @@ function authenticate_success($user_record, $channel = false, $login_initial = f
|
||||||
|
|
||||||
if ($login_initial && $interactive) {
|
if ($login_initial && $interactive) {
|
||||||
Hook::call('logged_in', $user_record);
|
Hook::call('logged_in', $user_record);
|
||||||
$multiFactor = AConfig::Get(App::$account['account_id'], 'system', 'mfa_enabled');
|
|
||||||
if ($multiFactor && empty($_SESSION['2FA_VERIFIED'])) {
|
|
||||||
goaway(z_root() . '/totp_check');
|
|
||||||
}
|
|
||||||
// might want to log success here
|
// might want to log success here
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ($_SESSION['2FA_REQUIRED'] && !$_SESSION['2FA_VERIFIED'] && App::$module !== 'totp_check') {
|
||||||
|
goaway(z_root() . '/totp_check');
|
||||||
|
}
|
||||||
|
|
||||||
if ($return || x($_SESSION, 'workflow')) {
|
if ($return || x($_SESSION, 'workflow')) {
|
||||||
unset($_SESSION['workflow']);
|
unset($_SESSION['workflow']);
|
||||||
return;
|
return;
|
||||||
|
|
|
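Review bot: The gate added after the `if ($login_initial && $interactive)` block in the second hunk depends entirely on `$_SESSION['2FA_REQUIRED']`, because the `AConfig::Get(..., 'mfa_enabled')` lookup was removed from authenticate_success; a caller that reaches this function without setting that flag (only the password-login path sets it in this commit, other callers are not visible) is neither kept from `change_channel()` nor redirected. The condition also reads `$_SESSION['2FA_REQUIRED']` and `$_SESSION['2FA_VERIFIED']` directly, which raises undefined-key warnings when they are unset, as the `else` branch of the login path does for `2FA_REQUIRED`; the first hunk already uses `empty()`, so `if (!empty($_SESSION['2FA_REQUIRED']) && empty($_SESSION['2FA_VERIFIED']) && App::$module !== 'totp_check')` would match it. `$_SESSION['authenticated'] = 1` is still assigned before either check, so code that keys on that value alone would treat a password-only session as logged in; a short comment at that assignment stating that the session is not fully authenticated until `2FA_VERIFIED` is set would help. The function body starts before and continues past both hunks.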
@ -46,13 +46,13 @@ function hitkey(ev) {
|
||||||
<div class="generic-content-wrapper">
|
<div class="generic-content-wrapper">
|
||||||
<div class="section-content-tools-wrapper">
|
<div class="section-content-tools-wrapper">
|
||||||
<h3 style="text-align: center;">{{$header}}</h3>
|
<h3 style="text-align: center;">{{$header}}</h3>
|
||||||
|
|
||||||
<div>{{$desc}}</div>
|
<div>{{$desc}}</div>
|
||||||
|
<br>
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<input type="text" class="form-control" style="width: 10em" id="totp-code" onkeydown="hitkey(event)"/>
|
<input type="text" class="form-control" style="width: 10em" id="totp-code" onkeydown="hitkey(event)"/>
|
||||||
<div id="feedback"></div>
|
<div id="feedback"></div>
|
||||||
</div>
|
</div>
|
||||||
|
<br>
|
||||||
<div>
|
<div>
|
||||||
<input type="button" class="btn btn-primary" value={{$submit}} onclick="totp_verify()"/>
|
<input type="button" class="btn btn-primary" value={{$submit}} onclick="totp_verify()"/>
|
||||||
</div>
|
</div>
|
||||||
|
|