Small fixes for 2FA

= 2021-03-20 11:41:41 +11:00
parent 32d9c4109e
commit b158fb430f


@ -171,7 +171,7 @@ class LoginController extends BaseController
//if user has 2fa enabled - lets check this now: //if user has 2fa enabled - lets check this now:
if($user->google_2fa_secret && $request->has('one_time_password')) if($user->google_2fa_secret && $request->has('one_time_password') && strlen($request->input('one_time_password')) >= 1)
{ {
$google2fa = new Google2FA(); $google2fa = new Google2FA();
@ -194,6 +194,7 @@ class LoginController extends BaseController
$user->setCompany($user->account->default_company); $user->setCompany($user->account->default_company);
$timeout = auth()->user()->company()->default_password_timeout; $timeout = auth()->user()->company()->default_password_timeout;
Cache::put(auth()->user()->hashed_id.'_logged_in', Str::random(64), $timeout); Cache::put(auth()->user()->hashed_id.'_logged_in', Str::random(64), $timeout);
$cu = CompanyUser::query() $cu = CompanyUser::query()
@ -322,33 +323,34 @@ class LoginController extends BaseController
if ($user) { if ($user) {
$client = new Google_Client(); // we are no longer accessing the permissions for gmail - email permissions here
$client->setClientId(config('ninja.auth.google.client_id'));
$client->setClientSecret(config('ninja.auth.google.client_secret'));
$client->setRedirectUri(config('ninja.app_url'));
$token = false; // $client = new Google_Client();
// $client->setClientId(config('ninja.auth.google.client_id'));
// $client->setClientSecret(config('ninja.auth.google.client_secret'));
// $client->setRedirectUri(config('ninja.app_url'));
try{ // $token = false;
$token = $client->authenticate(request()->input('server_auth_code'));
}
catch(\Exception $e) {
return response() // try{
->json(['message' => ctrans('texts.invalid_credentials')], 401) // $token = $client->authenticate(request()->input('server_auth_code'));
->header('X-App-Version', config('ninja.app_version')) // }
->header('X-Api-Version', config('ninja.minimum_client_version')); // catch(\Exception $e) {
} // return response()
// ->json(['message' => ctrans('texts.invalid_credentials')], 401)
// ->header('X-App-Version', config('ninja.app_version'))
// ->header('X-Api-Version', config('ninja.minimum_client_version'));
$refresh_token = ''; // }
if (array_key_exists('refresh_token', $token)) { // $refresh_token = '';
$refresh_token = $token['refresh_token'];
}
//$access_token = $token['access_token']; // if (array_key_exists('refresh_token', $token)) {
// $refresh_token = $token['refresh_token'];
// }
$name = OAuth::splitName($google->harvestName($user)); $name = OAuth::splitName($google->harvestName($user));
$new_account = [ $new_account = [
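Review bot: In the hunk at -171, the one-time-password check now runs only when `one_time_password` is present and non-empty, so a user with `google_2fa_secret` set who submits an empty code skips this block entirely. The rest of the if/else chain lies outside the hunk, so it is not visible here whether such a login is rejected afterwards; if a later branch tests only `!$request->has('one_time_password')`, a present-but-empty field would match neither branch and the second factor would not be enforced. I would key the branch on the secret alone and fail closed: `if ($user->google_2fa_secret) {`, returning the 401 response whenever `!$request->filled('one_time_password')` or the code does not verify. A test that logs in a 2FA-enabled user with an empty code and expects 401 would pin this behaviour.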