mirror of https://github.com/invoiceninja/invoiceninja.git synced 2024-11-10 13:12:50 +01:00

Fixes for 2FA

David Bomba 2021-03-16 09:33:55 +11:00
parent e953647d2b
commit 05b008ca60
2 changed files with 16 additions and 5 deletions


@ -53,13 +53,21 @@ class TwoFactorController extends BaseController
$secret = request()->input('secret');
$oneTimePassword = request()->input('one_time_password');
if (! $secret || ! $google2fa->verifyKey($secret, $oneTimePassword)) {
return response()->json('message' > ctrans('texts.invalid_one_time_password'));
} elseif (! $user->google_2fa_secret && $user->phone && $user->confirmed) {
if($google2fa->verifyKey($secret, $oneTimePassword) && $user->phone && $user->confirmed){
$user->google_2fa_secret = encrypt($secret);
$user->save();
}
return response()->json(['message' => ctrans('texts.enabled_two_factor')], 200);
return response()->json(['message' => ctrans('texts.enabled_two_factor')], 200);
} elseif (! $secret || ! $google2fa->verifyKey($secret, $oneTimePassword)) {
return response()->json(['message' => ctrans('texts.invalid_one_time_password')]);
}
return response()->json(['message' => 'No phone record or user is not confirmed']);
}
}
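Review bot: The enrolment branch `if($google2fa->verifyKey($secret, $oneTimePassword) && $user->phone && $user->confirmed)` has no `! $user->google_2fa_secret` guard (the `elseif` printed just above it did, assuming this page prints old lines before new ones), so an authenticated session can replace an already-enrolled secret with one taken from the request without proving possession of the current factor. If re-enrolment is not meant to happen on this endpoint, keep the guard and test `$secret` before it reaches `verifyKey()`: `if (! $user->google_2fa_secret && $secret && $google2fa->verifyKey($secret, $oneTimePassword) && $user->phone && $user->confirmed) {`. The two failure responses also carry no status code and so default to 200; ending both with `], 400);` would let clients and log-based alerting tell a rejected code from a successful enrolment. The method body starts above the hunk, so any earlier check on the user is not visible here.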


@ -4167,6 +4167,9 @@ $LANG = array(
'zoho' => 'Zoho',
'accounting' => 'Accounting',
'required_files_missing' => 'Please provide all CSVs.',
'migration_auth_label' => 'Let\'s continue by authenticating.',
'api_secret' => 'API secret',
'migration_api_secret_notice' => 'You can find API_SECRET in the .env file or Invoice Ninja v5. If property is missing, leave field blank.',
);
return $LANG;