[SonataIntegrationBundle] Handle 2FA totp secret empty submission
mpoiriert committed Nov 21, 2023
1 parent f033403 commit ab57ce0
Showing 1 changed file with 20 additions and 11 deletions.
Expand Up @@ -48,17 +48,19 @@ public function enable2faAction(
return new RedirectResponse($this->admin->generateObjectUrl('disable-2fa', $user));
}

$user->setTotpSecret($enable2fa->totpSecret);
if ($totpAuthenticator->checkCode($user, $enable2fa->code)) {
$user->enableTwoFActorAuthenticationProvider('totp');
$this->admin->getModelManager()->update($user);

$this->addFlash(
'sonata_flash_success',
$this->trans('admin.flash.2fa_enabled', [], 'DrawUserBundle')
);

return $this->redirectTo($request, $user);
if ($enable2fa->totpSecret) {
$user->setTotpSecret($enable2fa->totpSecret);
if ($totpAuthenticator->checkCode($user, $enable2fa->code)) {
$user->enableTwoFActorAuthenticationProvider('totp');
$this->admin->getModelManager()->update($user);

$this->addFlash(
'sonata_flash_success',
$this->trans('admin.flash.2fa_enabled', [], 'DrawUserBundle')
);

return $this->redirectTo($request, $user);
}
}

$this->addFlash(
Expand All @@ -74,6 +76,13 @@ public function enable2faAction(
$totpSecret = $user->getTotpSecret();
$enable2fa->totpSecret = $totpSecret;
$form->setData($enable2fa);
} elseif (!$user->getTotpSecret()) {
$this->addFlash(
'sonata_flash_error',
$this->trans('admin.flash.2fa_invalid_code_refreshed', [], 'DrawUserBundle')
);

return new RedirectResponse($this->admin->generateObjectUrl('enable-2fa', $user));
}

$qrCode = $qrCodeGenerator->getTotpQrCode($user);
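Review bot: The new guard `if ($enable2fa->totpSecret)` in the first hunk rejects only an empty value, so any other string posted with the form is still passed to `setTotpSecret()` and persisted by `update($user)` once `checkCode()` accepts a code computed from that same string. The secret is round-tripped through the form (`$enable2fa->totpSecret = $totpSecret; $form->setData($enable2fa);` in the second hunk), so it is client-controlled here; unless the form type constrains it outside this view, it would be safer to keep the pending secret server-side, or at least to validate its format and length before use. As a minimum I would add a comment above the guard, `// totpSecret comes from the submitted form and is untrusted until checkCode() succeeds`. The truthiness test also treats the string `'0'` as empty, and `'' !== (string) $enable2fa->totpSecret` would state the intent more precisely. enable2faAction starts and ends outside both hunks, so the form constraints and the flash that follows the first hunk are not visible.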