aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs
diff options
context:
space:
mode:
authorMario <mario@mariovavti.com>2023-03-08 17:29:56 +0000
committerMario <mario@mariovavti.com>2023-03-08 17:29:56 +0000
commit8af5788fc193a245c8aeed3b554a79baaa1bde3a (patch)
tree87729108d73bd365ea51356f394d6d2e306e83a0 /Zotlabs
parent3de81877c6aaacfad993375bcf88b512958180ab (diff)
downloadvolse-hubzilla-8af5788fc193a245c8aeed3b554a79baaa1bde3a.tar.gz
volse-hubzilla-8af5788fc193a245c8aeed3b554a79baaa1bde3a.tar.bz2
volse-hubzilla-8af5788fc193a245c8aeed3b554a79baaa1bde3a.zip
more mfa cleanup, set the value in session if mfa is enabled and only allow enabling mfa after a test passed
Diffstat (limited to 'Zotlabs')
-rw-r--r--Zotlabs/Module/Settings/Multifactor.php8
1 files changed, 6 insertions, 2 deletions
diff --git a/Zotlabs/Module/Settings/Multifactor.php b/Zotlabs/Module/Settings/Multifactor.php
index e1d8e1c97..5ac47be09 100644
--- a/Zotlabs/Module/Settings/Multifactor.php
+++ b/Zotlabs/Module/Settings/Multifactor.php
@@ -18,6 +18,9 @@ class Multifactor {
}
$enable_mfa = isset($_POST['enable_mfa']) ? (int) $_POST['enable_mfa'] : false;
AConfig::Set($account['account_id'], 'system', 'mfa_enabled', $enable_mfa);
+ if ($enable_mfa) {
+ $_SESSION['2FA_VERIFIED'] = true;
+ }
}
public function get() {
@@ -48,10 +51,11 @@ class Multifactor {
return replace_macros(get_markup_template('totp_setup.tpl'),
[
'$form_security_token' => get_form_security_token("settings_mfa"),
- '$title' => t('Multifactor Settings'),
+ '$title' => t(' Account Multifactor Settings'),
'$totp_setup_text' => t('Multi-Factor Authentication Setup'),
- '$secret_text' => t('This is your generated secret. This may be used in some cases if the QR image cannot be read. Please save it.'),
+ '$secret_text' => t('This is your generated secret. It may be used in some cases if the QR image cannot be read. Please save it.'),
'$test_title' => t('Please enter the code from your authenticator'),
+ '$test_title_sub' => t('You will only be able to enable MFA if the test passes'),
'$qrcode' => (new QRCode())->render($uri),
'$uri' => $uri,
'$secret' => ($account['account_external'] ?? ''),