Nemcio/Grav-Admin-Plugin
1
0
Fork 0
mirror of https://github.com/getgrav/grav-plugin-admin.git synced 2025-10-29 01:06:38 +01:00
Code Issues Packages Projects Releases Activity

Fixed passing null to $twoFa->verifyCode() and $twoFa->verifyYubikeyOTP()

Browse Source 
`
This commit is contained in:
Matias Griese
2022-01-12 10:55:41 +02:00
parent 0f05d065b0
commit e84e785978
1 changed files with 6 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
classes/plugin/Controllers/Login/LoginController.php
View File

@@ -275,15 +275,16 @@ class LoginController extends AdminController
$twoFa = null;
}
$code = $data['2fa_code'] ?? null;
$secret = $user->twofa_secret ?? null;
$redirect = (string)$this->getRequest()->getUri();
$code = $data['2fa_code'] ?? '';
$secret = $user->twofa_secret ?? '';
$twofa_valid = $twoFa->verifyCode($secret, $code);
$yubikey_otp = $data['yubikey_otp'] ?? null;
$yubikey_id = $user->yubikey_id ?? null;
$yubikey_otp = $data['yubikey_otp'] ?? '';
$yubikey_id = $user->yubikey_id ?? '';
$yubikey_valid = $twoFa->verifyYubikeyOTP($yubikey_id, $yubikey_otp);
$redirect = (string)$this->getRequest()->getUri();
if (null === $twoFa || !$user->authenticated || (!$twofa_valid && !$yubikey_valid) ) {
Admin::DEBUG && Admin::addDebugMessage('Admin login: 2FA check failed, log out!');