Merge pull request #5176 from turbo124/v5-stable

Fixes for 2fa
2024-11-10 21:22:58 +01:00 · 2021-03-18 22:47:46 +11:00 · 2021-03-18 22:47:46 +11:00 · a005716ca5
commit a005716ca5
parent 544da36f03 10f7b1a309
4 changed files with 39 additions and 4 deletions
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@ -171,7 +171,7 @@ class LoginController extends BaseController

            //if user has 2fa enabled - lets check this now:

-            if($user->google_2fa_secret)
+            if($user->google_2fa_secret && $request->has('one_time_password'))
            {
                $google2fa = new Google2FA();

@ -184,6 +184,13 @@ class LoginController extends BaseController
                }

            }
+            elseif($user->google_2fa_secret && !$request->has('one_time_password')) {
+                
+                    return response()
+                    ->json(['message' => ctrans('texts.invalid_one_time_password')], 401)
+                    ->header('X-App-Version', config('ninja.app_version'))
+                    ->header('X-Api-Version', config('ninja.minimum_client_version'));
+            }

            $user->setCompany($user->account->default_company);
            $timeout = auth()->user()->company()->default_password_timeout;
--- a/app/Http/Controllers/TwoFactorController.php
+++ b/app/Http/Controllers/TwoFactorController.php
@ -56,6 +56,7 @@ class TwoFactorController extends BaseController
        if($google2fa->verifyKey($secret, $oneTimePassword) && $user->phone && $user->email_verified_at){

            $user->google_2fa_secret = encrypt($secret);
+
            $user->save();
        
            return response()->json(['message' => ctrans('texts.enabled_two_factor')], 200);
--- a/app/Utils/HostedPDF/NinjaPdf.php
+++ b/app/Utils/HostedPDF/NinjaPdf.php
@ -21,9 +21,6 @@ class NinjaPdf
    public function build($html)
    {

-nlog("building remotely");
-
-
        $client =  new \GuzzleHttp\Client(['headers' => 
            [ 
            'X-Ninja-Token' => 'test_token_for_now',        
--- a/database/migrations/2021_03_18_113704_change_2fa_column_from_varchar_to_text.php
+++ b/database/migrations/2021_03_18_113704_change_2fa_column_from_varchar_to_text.php
@ -0,0 +1,30 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+class Change2faColumnFromVarcharToText extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('users', function (Blueprint $table) {
+            $table->text('google_2fa_secret')->change();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+
+    }
+}