kenmirrors/firefly-iii
1
0
Fork 0
mirror of https://github.com/firefly-iii/firefly-iii.git synced 2025-09-19 10:53:37 +00:00
Code Issues Projects Releases Wiki Activity

Can use backup codes to login.

Browse Source
This commit is contained in:
James Cole
2019-08-04 07:10:18 +02:00
parent 0b6c3efe8d
commit e41211bed7
3 changed files with 51 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
app/Http/Controllers/Auth/TwoFactorController.php
View File

@@ -64,6 +64,17 @@ class TwoFactorController extends Controller
// otp auth success!
return redirect(route('home'));
}
// could be user has a backup code.
if ($this->isBackupCode($mfaCode)) {
$this->removeFromBackupCodes($mfaCode);
$authenticator->login();
session()->flash('info', trans('firefly.mfa_backup_code'));
return redirect(route('home'));
}
session()->flash('error', trans('firefly.wrong_mfa_code'));
return redirect(route('home'));
@@ -213,4 +224,33 @@ class TwoFactorController extends Controller
return false;
}
/**
* Checks if code is in users backup codes.
*
* @param string $mfaCode
*
* @return bool
*/
private function isBackupCode(string $mfaCode): bool
{
$list = Preferences::get('mfa_recovery', [])->data;
if (in_array($mfaCode, $list, true)) {
return true;
}
return false;
}
/**
* Remove the used code from the list of backup codes.
*
* @param string $mfaCode
*/
private function removeFromBackupCodes(string $mfaCode): void
{
$list = Preferences::get('mfa_recovery', [])->data;
$newList = array_values(array_diff($list, [$mfaCode]));
Preferences::set('mfa_recovery', $newList);
}
}