tim/invoiceninja
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add code for 2FA w/oauth

Browse source
This commit is contained in:
Hillel Coren 2018-12-10 15:42:12 +02:00
parent 98f29249fd
commit 0d4e784bff
1 changed files with 11 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
app/Http/Controllers/AccountApiController.php
View file

@ -261,6 +261,17 @@ class AccountApiController extends BaseAPIController
$oAuth = new OAuth();
$user = $oAuth->getProvider($provider)->getTokenResponse($token);
/*
if ($user->google_2fa_secret && strpos($request->token_name, 'invoice-ninja-') !== false) {
$secret = \Crypt::decrypt($user->google_2fa_secret);
if (! $request->one_time_password) {
return $this->errorResponse(['message' => 'OTP_REQUIRED'], 401);
} elseif (! \Google2FA::verifyKey($secret, $request->one_time_password)) {
return $this->errorResponse(['message' => 'Invalid one time password'], 401);
}
}
*/
if ($user) {
Auth::login($user);
return $this->processLogin($request);