Mirrors/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2024-11-08 20:22:42 +01:00
Code Issues Releases Activity

Merge: Require to enable 2FA

Browse Source
This commit is contained in:
Hillel Coren 2017-11-24 11:15:02 +02:00
parent 24ec472389
commit 8e6cfe706f
2 changed files with 10 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
app/Http/Controllers/TwoFactorController.php
View File

@ -38,8 +38,11 @@ class TwoFactorController extends Controller
{
$user = auth()->user();
$secret = session()->pull('2fa:secret');
$oneTimePassword = request('one_time_password');
if ($secret && ! $user->google_2fa_secret && $user->phone && $user->confirmed) {
if (! $secret || ! \Google2FA::verifyKey($secret, $oneTimePassword)) {
return redirect('settings/enable_two_factor')->withMessage(trans('texts.invalid_one_time_password'));
} elseif (! $user->google_2fa_secret && $user->phone && $user->confirmed) {
$user->google_2fa_secret = Crypt::encrypt($secret);
$user->save();

8
resources/views/users/two_factor.blade.php
View File

@ -8,7 +8,7 @@
@include('accounts.nav', ['selected' => ACCOUNT_USER_DETAILS])
@endif
{!! Former::open() !!}
{!! Former::open()->rules(['one_time_password' => 'required']) !!}
<div class="row">
<div class="col-md-12">
@ -22,8 +22,12 @@
<p class="text-muted">{{ $secret }}</p><br/>
<p>{!! trans('texts.two_factor_setup_help', ['link' => link_to('https://github.com/antonioribeiro/google2fa#google-authenticator-apps', 'Google Authenticator', ['target' => '_blank'])]) !!}</p>
</div>
<p>&nbsp;</p>
<center class="buttons">
{!! Former::text('one_time_password')
->placeholder('one_time_password')
->style('width:300px;font-size:18px')
->raw() !!}
<p>&nbsp;</p>
{!! Button::normal(trans('texts.cancel'))->large()->asLinkTo(url('settings/user_details'))->appendIcon(Icon::create('remove-circle')) !!}
{!! Button::success(trans('texts.enable'))->large()->submit()->appendIcon(Icon::create('lock')) !!}
</center>