Cutlery/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2025-11-02 22:57:33 -05:00
Code Issues Packages Projects Releases Wiki Activity

Fixes for OTP

Browse Source
This commit is contained in:
David Bomba 2024-02-17 06:19:49 +11:00
parent fe2c4b3863
commit 112efdaadb
2 changed files with 15 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
app/Livewire/BillingPortal/Authentication.php
View File

@ -12,17 +12,18 @@
namespace App\Livewire\BillingPortal; namespace App\Livewire\BillingPortal;
use App\DataMapper\ClientSettings;
use App\Factory\ClientFactory;
use App\Jobs\Mail\NinjaMailerJob;
use App\Jobs\Mail\NinjaMailerObject;
use App\Mail\Subscription\OtpCode;
use App\Models\ClientContact;
use App\Models\Subscription;
use App\Repositories\ClientContactRepository;
use App\Repositories\ClientRepository;
use Livewire\Component; use Livewire\Component;
use Illuminate\Support\Str; use Illuminate\Support\Str;
use App\Models\Subscription;
use App\Models\ClientContact;
use App\Factory\ClientFactory;
use App\Jobs\Mail\NinjaMailerJob;
use App\DataMapper\ClientSettings;
use App\Mail\Subscription\OtpCode;
use App\Jobs\Mail\NinjaMailerObject;
use Illuminate\Support\Facades\Cache;
use App\Repositories\ClientRepository;
use App\Repositories\ClientContactRepository;
class Authentication extends Component class Authentication extends Component
{ {
@ -101,7 +102,7 @@ class Authentication extends Component
$code = rand(100000, 999999); $code = rand(100000, 999999);
$email_hash = "subscriptions:otp:{$this->email}"; $email_hash = "subscriptions:otp:{$this->email}";
cache()->put($email_hash, $code, 120); Cache::put($email_hash, $code, 600);
$cc = new ClientContact(); $cc = new ClientContact();
$cc->email = $this->email; $cc->email = $this->email;
@ -127,9 +128,9 @@ class Authentication extends Component
'otp' => 'required|numeric|digits:6', 'otp' => 'required|numeric|digits:6',
]); ]);
$code = cache()->get("subscriptions:otp:{$this->email}"); $code = Cache::get("subscriptions:otp:{$this->email}");
if ($this->otp !== $code) { if ($this->otp != $code) { //loose comparison prevents edge cases
$errors = $this->getErrorBag(); $errors = $this->getErrorBag();
$errors->add('otp', ctrans('texts.invalid_code')); $errors->add('otp', ctrans('texts.invalid_code'));

2
app/Mail/Subscription/OtpCode.php
View File

@ -58,6 +58,8 @@ class OtpCode extends Mailable
'title' => ctrans('texts.otp_code_subject'), 'title' => ctrans('texts.otp_code_subject'),
'content' => ctrans('texts.otp_code_body', ['code' => $this->code]), 'content' => ctrans('texts.otp_code_body', ['code' => $this->code]),
'whitelabel' => $this->company->account->isPaid(), 'whitelabel' => $this->company->account->isPaid(),
'url' => 'xx',
'button' => false,
]); ]);
} }
} }