Merge pull request #5146 from turbo124/v5-develop

Fixes for 2FA

app/Http/Controllers/ConnectedAccountController.php

@@ -89,23 +89,8 @@ class ConnectedAccountController extends BaseController
 
         $user = $google->getTokenResponse(request()->input('id_token'));
 
-        if (is_array($user)) {
-            
-            $query = [
-                'oauth_user_id' => $google->harvestSubField($user),
-                'oauth_provider_id'=> 'google',
-            ];
-
-            /* Cannot allow duplicates! */
-            if ($existing_user = MultiDB::hasUser($query)) {
-                return response()
-                ->json(['message' => 'User already exists in system.'], 401)
-                ->header('X-App-Version', config('ninja.app_version'))
-                ->header('X-Api-Version', config('ninja.minimum_client_version'));
-            }
-        }
-
         if ($user) {
+            
             $client = new Google_Client();
             $client->setClientId(config('ninja.auth.google.client_id'));
             $client->setClientSecret(config('ninja.auth.google.client_secret'));
@@ -118,7 +103,6 @@ class ConnectedAccountController extends BaseController
                 $refresh_token = $token['refresh_token'];
             }
 
-
             $connected_account = [
                 'password' => '',
                 'email' => $google->harvestEmail($user),

app/Http/Controllers/TwoFactorController.php

@@ -53,7 +53,7 @@ class TwoFactorController extends BaseController
         $secret = request()->input('secret');
         $oneTimePassword = request()->input('one_time_password');
 
-        if($google2fa->verifyKey($secret, $oneTimePassword) && $user->phone && $user->confirmed){
+        if($google2fa->verifyKey($secret, $oneTimePassword) && $user->phone && $user->email_verified_at){
 
             $user->google_2fa_secret = encrypt($secret);
             $user->save();