diff --git a/packages/sonata-integration-bundle/User/Controller/TwoFactorAuthenticationController.php b/packages/sonata-integration-bundle/User/Controller/TwoFactorAuthenticationController.php
index b459b1738..d9182ee30 100644
--- a/packages/sonata-integration-bundle/User/Controller/TwoFactorAuthenticationController.php
+++ b/packages/sonata-integration-bundle/User/Controller/TwoFactorAuthenticationController.php
@@ -48,17 +48,19 @@ public function enable2faAction(
 return new RedirectResponse($this->admin->generateObjectUrl('disable-2fa', $user));
 }
 
- $user->setTotpSecret($enable2fa->totpSecret);
- if ($totpAuthenticator->checkCode($user, $enable2fa->code)) {
- $user->enableTwoFActorAuthenticationProvider('totp');
- $this->admin->getModelManager()->update($user);
-
- $this->addFlash(
- 'sonata_flash_success',
- $this->trans('admin.flash.2fa_enabled', [], 'DrawUserBundle')
- );
-
- return $this->redirectTo($request, $user);
+ if ($enable2fa->totpSecret) {
+ $user->setTotpSecret($enable2fa->totpSecret);
+ if ($totpAuthenticator->checkCode($user, $enable2fa->code)) {
+ $user->enableTwoFActorAuthenticationProvider('totp');
+ $this->admin->getModelManager()->update($user);
+
+ $this->addFlash(
+ 'sonata_flash_success',
+ $this->trans('admin.flash.2fa_enabled', [], 'DrawUserBundle')
+ );
+
+ return $this->redirectTo($request, $user);
+ }
 }
 
 $this->addFlash(
@@ -74,6 +76,13 @@ public function enable2faAction(
 $totpSecret = $user->getTotpSecret();
 $enable2fa->totpSecret = $totpSecret;
 $form->setData($enable2fa);
+ } elseif (!$user->getTotpSecret()) {
+ $this->addFlash(
+ 'sonata_flash_error',
+ $this->trans('admin.flash.2fa_invalid_code_refreshed', [], 'DrawUserBundle')
+ );
+
+ return new RedirectResponse($this->admin->generateObjectUrl('enable-2fa', $user));
 }
 
 $qrCode = $qrCodeGenerator->getTotpQrCode($user);
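Review bot: The secret that `checkCode()` verifies against, and that `update($user)` then persists, is still whatever arrives in `$enable2fa->totpSecret`; if that property is bound from the submitted form (the form type is not visible in this hunk), the client rather than the server decides which TOTP secret is enrolled. The new `if ($enable2fa->totpSecret)` guard only rejects an empty value and does not confirm the value is the one the server issued for this enrolment, so consider keeping the pending secret server-side (for example in the session) and comparing the submitted value against it before `setTotpSecret()`. The guard itself would read more clearly as an explicit check, `if (null !== $enable2fa->totpSecret && '' !== $enable2fa->totpSecret) {`, rather than relying on string truthiness. enable2faAction starts and ends outside the hunk.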
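Review bot: The added `elseif (!$user->getTotpSecret())` branch has no comment saying when a request can reach it, and that is not obvious because the `if` it belongs to starts outside the hunk. From the lines shown it looks like the case where the form was submitted without a secret and the user has none stored, so a comment such as `// Submitted without a TOTP secret and none stored on the user: restart enrolment so a new secret and QR code are issued.` would help (confirm this against the condition above). If the error flash that follows the guarded block in the first hunk also runs on this path, the user would get two error messages on the redirected page; that depends on lines not shown and is worth checking.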
diff --git a/packages/user-bundle/Resources/translations/DrawUserBundle.en.yaml b/packages/user-bundle/Resources/translations/DrawUserBundle.en.yaml
index 4d70db40e..3e2c1cfbf 100644
--- a/packages/user-bundle/Resources/translations/DrawUserBundle.en.yaml
+++ b/packages/user-bundle/Resources/translations/DrawUserBundle.en.yaml
@@ -39,6 +39,7 @@ admin:
 2fa_enabled: '2FA successfully enabled.'
 2fa_disabled: '2FA successfully disabled.'
 2fa_invalid_code: 'Invalid code provided. Please, try again.'
+ 2fa_invalid_code_refreshed: 'Error with provided code. Please, try again. The code has been refreshed.'
 list:
 2fa_enabled: '2FA enabled'
 form: