mirror of
https://github.com/invoiceninja/invoiceninja.git
synced 2024-11-08 20:22:42 +01:00
Don't change secret if enter wrong 2FA password
parent
80cae5f0b3
commit
01d1c5a988
@ -16,9 +16,13 @@ class TwoFactorController extends Controller
|
||||
}
|
||||
|
||||
$google2fa = new Google2FA();
|
||||
$secret = $google2fa->generateSecretKey();
|
||||
|
||||
session(['2fa:secret' => $secret]);
|
||||
if ($secret = session('2fa:secret')) {
|
||||
// do nothing
|
||||
} else {
|
||||
$secret = $google2fa->generateSecretKey();
|
||||
session(['2fa:secret' => $secret]);
|
||||
}
|
||||
|
||||
$qrCode = $google2fa->getQRCodeGoogleUrl(
|
||||
APP_NAME,
|
||||
@ -37,15 +41,16 @@ class TwoFactorController extends Controller
|
||||
public function enableTwoFactor()
|
||||
{
|
||||
$user = auth()->user();
|
||||
$secret = session()->pull('2fa:secret');
|
||||
$secret = session('2fa:secret');
|
||||
$oneTimePassword = request('one_time_password');
|
||||
|
||||
if (! $secret || ! \Google2FA::verifyKey($secret, $oneTimePassword)) {
|
||||
return redirect('settings/enable_two_factor')->withMessage(trans('texts.invalid_one_time_password'));
|
||||
return redirect('settings/enable_two_factor')->withError(trans('texts.invalid_one_time_password'));
|
||||
} elseif (! $user->google_2fa_secret && $user->phone && $user->confirmed) {
|
||||
$user->google_2fa_secret = Crypt::encrypt($secret);
|
||||
$user->save();
|
||||
|
||||
session()->forget('2fa:secret');
|
||||
session()->flash('message', trans('texts.enabled_two_factor'));
|
||||
}
|
||||
|
||||
|
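Review bot: In `enableTwoFactor()`, `session()->forget('2fa:secret')` runs only inside the `elseif` branch, so a request whose code verifies but which fails `! $user->google_2fa_secret && $user->phone && $user->confirmed` leaves the pending secret in the session, where the earlier `session()->pull('2fa:secret')` cleared it on every request. Because the setup action in the first hunk now reuses whatever secret the session holds, that unenrolled secret keeps being presented for the rest of the session, and the visible lines give the user no message explaining why nothing was enabled. Consider an explicit fall-through such as `} else { session()->forget('2fa:secret'); }` together with an error flash, or a comment stating that keeping the secret in that case is intended. Separately, the empty `if (...) { // do nothing }` branch in the first hunk would read more clearly as `if (! ($secret = session('2fa:secret'))) {` wrapped around the generate-and-store lines. Both functions extend beyond the visible hunks, so handling after the `elseif` may exist outside this view.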