From 10f7b1a309de4481f5741802b7c7109002abdad1 Mon Sep 17 00:00:00 2001
From: David Bomba
Date: Thu, 18 Mar 2021 22:46:58 +1100
Subject: [PATCH] Fixes for 2fa
---
 app/Http/Controllers/Auth/LoginController.php | 9 +++++-
 app/Http/Controllers/TwoFactorController.php | 1 +
 app/Utils/HostedPDF/NinjaPdf.php | 3 --
 ...change_2fa_column_from_varchar_to_text.php | 30 +++++++++++++++++++
 4 files changed, 39 insertions(+), 4 deletions(-)
 create mode 100644 database/migrations/2021_03_18_113704_change_2fa_column_from_varchar_to_text.php
diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php
index 1e88741b4878..7ac6dcee34d3 100644
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@@ -171,7 +171,7 @@ class LoginController extends BaseController
 //if user has 2fa enabled - lets check this now:
- if($user->google_2fa_secret)
+ if($user->google_2fa_secret && $request->has('one_time_password'))
 {
 $google2fa = new Google2FA();
@@ -184,6 +184,13 @@ class LoginController extends BaseController
 }
 }
+ elseif($user->google_2fa_secret && !$request->has('one_time_password')) {
+
+ return response()
+ ->json(['message' => ctrans('texts.invalid_one_time_password')], 401)
+ ->header('X-App-Version', config('ninja.app_version'))
+ ->header('X-Api-Version', config('ninja.minimum_client_version'));
+ }
 $user->setCompany($user->account->default_company);
 $timeout = auth()->user()->company()->default_password_timeout;
diff --git a/app/Http/Controllers/TwoFactorController.php b/app/Http/Controllers/TwoFactorController.php
index c1f6a8f5c1e9..6ba1444de3bb 100644
--- a/app/Http/Controllers/TwoFactorController.php
+++ b/app/Http/Controllers/TwoFactorController.php
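Review bot: The 2FA gate in LoginController.php is now split across an `if` and an `elseif` that both re-test `$user->google_2fa_secret` and must stay exact complements on `$request->has('one_time_password')`; if either condition is later edited on its own, a request can match neither branch and continue to `$user->setCompany(...)` without a second factor. A fail-closed shape keeps a single outer `if($user->google_2fa_secret)` and rejects first inside it with `if(! $request->has('one_time_password'))` returning the same 401, before the existing verification runs. This applies to both LoginController hunks, the changed condition at line 171 and the added `elseif` at line 184. The verification block and the enclosing method start and end outside the hunks.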
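Review bot: The added 401 branch in the second LoginController hunk returns without recording a failed attempt, and it appears to be reached only after the password has been accepted (inferred from the `auth()->user()` call that follows), so repeated requests without a code are not counted by anything visible here. If this controller uses Laravel's login throttling, count this path as a failure, for example `$this->incrementLoginAttempts($request);` before the `return`. It is also worth confirming that the guard holds no authenticated state when the 401 is sent; both points depend on code outside the hunk.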
@@ -56,6 +56,7 @@ class TwoFactorController extends BaseController
 if($google2fa->verifyKey($secret, $oneTimePassword) && $user->phone && $user->email_verified_at){
 $user->google_2fa_secret = encrypt($secret);
+ $user->save();
 return response()->json(['message' => ctrans('texts.enabled_two_factor')], 200);
diff --git a/app/Utils/HostedPDF/NinjaPdf.php b/app/Utils/HostedPDF/NinjaPdf.php
index 7c5de140b469..f0137fd459a1 100644
--- a/app/Utils/HostedPDF/NinjaPdf.php
+++ b/app/Utils/HostedPDF/NinjaPdf.php
@@ -21,9 +21,6 @@ class NinjaPdf
 public function build($html) {
-nlog("building remotely");
-
-
 $client = new \GuzzleHttp\Client(['headers' => [ 'X-Ninja-Token' => 'test_token_for_now',
diff --git a/database/migrations/2021_03_18_113704_change_2fa_column_from_varchar_to_text.php b/database/migrations/2021_03_18_113704_change_2fa_column_from_varchar_to_text.php
new file mode 100644
index 000000000000..1ff1d26ddf00
--- /dev/null
+++ b/database/migrations/2021_03_18_113704_change_2fa_column_from_varchar_to_text.php
@@ -0,0 +1,30 @@
+text('google_2fa_secret')->change();
+ });
+ }
+
+ /**
+ * Reverse the migrations.
+ *
+ * @return void
+ */
+ public function down()
+ {
+
+ }
+}
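Review bot: In the new migration, `down()` is left empty with no explanation, so a rollback silently keeps `google_2fa_secret` as `text` and a reader cannot tell whether that is intended. If it is deliberate, say so in the body, e.g. `// Not reversed: shrinking back to varchar could truncate encrypted 2FA secrets.` The top of this new file, including the start of `up()`, is missing from the page, so it is not visible whether the changed column definition keeps the column nullable. Users who have not enabled 2FA presumably store no secret, so that is worth confirming before the migration runs against existing data.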