Small fixes for 2FA

2024-11-10 21:22:58 +01:00 · 2021-03-20 11:41:41 +11:00 · 2021-03-20 11:41:41 +11:00 · b158fb430f
commit b158fb430f
parent 32d9c4109e
1 changed files with 22 additions and 20 deletions
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@ -171,7 +171,7 @@ class LoginController extends BaseController

            //if user has 2fa enabled - lets check this now:

-            if($user->google_2fa_secret && $request->has('one_time_password'))
+            if($user->google_2fa_secret && $request->has('one_time_password') && strlen($request->input('one_time_password')) >= 1)
            {
                $google2fa = new Google2FA();

@ -194,6 +194,7 @@ class LoginController extends BaseController

            $user->setCompany($user->account->default_company);
            $timeout = auth()->user()->company()->default_password_timeout;
+
            Cache::put(auth()->user()->hashed_id.'_logged_in', Str::random(64), $timeout);

            $cu = CompanyUser::query()
@ -322,33 +323,34 @@ class LoginController extends BaseController

        if ($user) {

-            $client = new Google_Client();
-            $client->setClientId(config('ninja.auth.google.client_id'));
-            $client->setClientSecret(config('ninja.auth.google.client_secret'));
-            $client->setRedirectUri(config('ninja.app_url'));
+            // we are no longer accessing the permissions for gmail - email permissions here

-            $token = false;
+            // $client = new Google_Client();
+            // $client->setClientId(config('ninja.auth.google.client_id'));
+            // $client->setClientSecret(config('ninja.auth.google.client_secret'));
+            // $client->setRedirectUri(config('ninja.app_url'));

-            try{
-                $token = $client->authenticate(request()->input('server_auth_code'));
-            }
-            catch(\Exception $e) {
+            // $token = false;

-                return response()
-                ->json(['message' => ctrans('texts.invalid_credentials')], 401)
-                ->header('X-App-Version', config('ninja.app_version'))
-                ->header('X-Api-Version', config('ninja.minimum_client_version'));
+            // try{
+            //     $token = $client->authenticate(request()->input('server_auth_code'));
+            // }
+            // catch(\Exception $e) {

-            }
+            //     return response()
+            //     ->json(['message' => ctrans('texts.invalid_credentials')], 401)
+            //     ->header('X-App-Version', config('ninja.app_version'))
+            //     ->header('X-Api-Version', config('ninja.minimum_client_version'));

-            $refresh_token = '';
+            // }

-            if (array_key_exists('refresh_token', $token)) {
-                $refresh_token = $token['refresh_token'];
-            }
+            // $refresh_token = '';

-            //$access_token = $token['access_token'];
+            // if (array_key_exists('refresh_token', $token)) {
+            //     $refresh_token = $token['refresh_token'];
+            // }

+            
            $name = OAuth::splitName($google->harvestName($user));

            $new_account = [