tim/invoiceninja
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Small fixes for 2FA

Browse source
This commit is contained in:
= 2021-03-20 11:46:42 +11:00
parent 5b64eb7ed6
commit 5288893220
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
app/Http/Controllers/Auth/LoginController.php
View file

@ -171,11 +171,11 @@ class LoginController extends BaseController
//if user has 2fa enabled - lets check this now:
if($user->google_2fa_secret && $request->has('one_time_password') && strlen($request->input('one_time_password')) >= 1)
if($user->google_2fa_secret && $request->has('one_time_password'))
{
$google2fa = new Google2FA();
if(!$google2fa->verifyKey(decrypt($user->google_2fa_secret), $request->input('one_time_password')))
if(strlen($request->input('one_time_password')) == 0 || !$google2fa->verifyKey(decrypt($user->google_2fa_secret), $request->input('one_time_password')))
{
return response()
->json(['message' => ctrans('texts.invalid_one_time_password')], 401)