Fixes for 2FA

2025-07-09 03:14:30 -04:00 · 2022-11-09 22:22:52 +11:00 · 2022-11-09 22:22:52 +11:00 · 18a038a34d
commit 18a038a34d
parent 114b511118
3 changed files with 7 additions and 8 deletions
--- a/app/Http/Controllers/TwilioController.php
+++ b/app/Http/Controllers/TwilioController.php
@ -94,16 +94,13 @@ class TwilioController extends BaseController

        if($verification_check->status == 'approved'){

-            if($request->query('validate_only') == 'true')
-                return response()->json(['message' => 'SMS verified'], 200);
-
-
            $account->account_sms_verified = true;
            $account->save();

            //on confirmation we set the users phone number.
            $user = auth()->user();
            $user->phone = $account->account_sms_verification_number;
+            $user->verified_phone_number = true;
            $user->save();

            return response()->json(['message' => 'SMS verified'], 200);
@ -126,7 +123,6 @@ class TwilioController extends BaseController

        $twilio = new Client($sid, $token);

-
        try {
            $verification = $twilio->verify
                                   ->v2
@ -167,9 +163,11 @@ class TwilioController extends BaseController
                                             "code" => $request->code
                                       ]);
        
-
        if($verification_check->status == 'approved'){

+            if($request->query('validate_only') == 'true')
+                return response()->json(['message' => 'SMS verified'], 200);
+
            $user->google_2fa_secret = '';
            $user->sms_verification_code = '';
            $user->save();
--- a/app/Http/Requests/User/UpdateUserRequest.php
+++ b/app/Http/Requests/User/UpdateUserRequest.php
@ -65,8 +65,9 @@ class UpdateUserRequest extends Request
            $input['last_name'] = strip_tags($input['last_name']);
        }

-        if(array_key_exists('phone', $input) && isset($input['phone']) && strlen($input['phone']) > 1 && ($this->user->phone != $input['phone']))
+        if(array_key_exists('phone', $input) && isset($input['phone']) && strlen($input['phone']) > 1 && ($this->user->phone != $input['phone'])){
            $this->phone_has_changed = true;
+        }

        if(array_key_exists('oauth_provider_id', $input) && $input['oauth_provider_id'] == '')
            $input['oauth_user_id'] = '';
--- a/app/Http/ValidationRules/User/HasValidPhoneNumber.php
+++ b/app/Http/ValidationRules/User/HasValidPhoneNumber.php
@ -68,7 +68,7 @@ class HasValidPhoneNumber implements Rule

            request()->merge(['validated_phone' => $phone_number->phoneNumber ]);

-			$user->verified_phone_number = true;
+			$user->verified_phone_number = false;
            $user->save();
            
            return true;