Cutlery/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2025-06-05 03:04:36 -04:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #5175 from turbo124/v5-develop

Browse Source 
Fixes for 2fa
This commit is contained in:
David Bomba 2021-03-18 22:47:31 +11:00 committed by GitHub
commit 2a89a12b69
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 39 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
app/Http/Controllers/Auth/LoginController.php
View File

@ -171,7 +171,7 @@ class LoginController extends BaseController
//if user has 2fa enabled - lets check this now: //if user has 2fa enabled - lets check this now:
if($user->google_2fa_secret) if($user->google_2fa_secret && $request->has('one_time_password'))
{ {
$google2fa = new Google2FA(); $google2fa = new Google2FA();
@ -184,6 +184,13 @@ class LoginController extends BaseController
} }
} }
elseif($user->google_2fa_secret && !$request->has('one_time_password')) {
return response()
->json(['message' => ctrans('texts.invalid_one_time_password')], 401)
->header('X-App-Version', config('ninja.app_version'))
->header('X-Api-Version', config('ninja.minimum_client_version'));
}
$user->setCompany($user->account->default_company); $user->setCompany($user->account->default_company);
$timeout = auth()->user()->company()->default_password_timeout; $timeout = auth()->user()->company()->default_password_timeout;

1
app/Http/Controllers/TwoFactorController.php
View File

@ -56,6 +56,7 @@ class TwoFactorController extends BaseController
if($google2fa->verifyKey($secret, $oneTimePassword) && $user->phone && $user->email_verified_at){ if($google2fa->verifyKey($secret, $oneTimePassword) && $user->phone && $user->email_verified_at){
$user->google_2fa_secret = encrypt($secret); $user->google_2fa_secret = encrypt($secret);
$user->save(); $user->save();
return response()->json(['message' => ctrans('texts.enabled_two_factor')], 200); return response()->json(['message' => ctrans('texts.enabled_two_factor')], 200);

3
app/Utils/HostedPDF/NinjaPdf.php
View File

@ -21,9 +21,6 @@ class NinjaPdf
public function build($html) public function build($html)
{ {
nlog("building remotely");
$client = new \GuzzleHttp\Client(['headers' => $client = new \GuzzleHttp\Client(['headers' =>
[ [
'X-Ninja-Token' => 'test_token_for_now', 'X-Ninja-Token' => 'test_token_for_now',

30
database/migrations/2021_03_18_113704_change_2fa_column_from_varchar_to_text.php Normal file
View File

@ -0,0 +1,30 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
class Change2faColumnFromVarcharToText extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::table('users', function (Blueprint $table) {
$table->text('google_2fa_secret')->change();
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
}
}