diff options
| author | Mario <mario@mariovavti.com> | 2023-03-08 17:29:56 +0000 |
|---|---|---|
| committer | Mario <mario@mariovavti.com> | 2023-03-08 17:29:56 +0000 |
| commit | 8af5788fc193a245c8aeed3b554a79baaa1bde3a (patch) | |
| tree | 87729108d73bd365ea51356f394d6d2e306e83a0 /Zotlabs | |
| parent | 3de81877c6aaacfad993375bcf88b512958180ab (diff) | |
| download | volse-hubzilla-8af5788fc193a245c8aeed3b554a79baaa1bde3a.tar.gz volse-hubzilla-8af5788fc193a245c8aeed3b554a79baaa1bde3a.tar.bz2 volse-hubzilla-8af5788fc193a245c8aeed3b554a79baaa1bde3a.zip | |
more mfa cleanup, set the value in session if mfa is enabled and only allow enabling mfa after a test passed
Diffstat (limited to 'Zotlabs')
| -rw-r--r-- | Zotlabs/Module/Settings/Multifactor.php | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/Zotlabs/Module/Settings/Multifactor.php b/Zotlabs/Module/Settings/Multifactor.php index e1d8e1c97..5ac47be09 100644 --- a/Zotlabs/Module/Settings/Multifactor.php +++ b/Zotlabs/Module/Settings/Multifactor.php @@ -18,6 +18,9 @@ class Multifactor { } $enable_mfa = isset($_POST['enable_mfa']) ? (int) $_POST['enable_mfa'] : false; AConfig::Set($account['account_id'], 'system', 'mfa_enabled', $enable_mfa); + if ($enable_mfa) { + $_SESSION['2FA_VERIFIED'] = true; + } } public function get() { @@ -48,10 +51,11 @@ class Multifactor { return replace_macros(get_markup_template('totp_setup.tpl'), [ '$form_security_token' => get_form_security_token("settings_mfa"), - '$title' => t('Multifactor Settings'), + '$title' => t(' Account Multifactor Settings'), '$totp_setup_text' => t('Multi-Factor Authentication Setup'), - '$secret_text' => t('This is your generated secret. This may be used in some cases if the QR image cannot be read. Please save it.'), + '$secret_text' => t('This is your generated secret. It may be used in some cases if the QR image cannot be read. Please save it.'), '$test_title' => t('Please enter the code from your authenticator'), + '$test_title_sub' => t('You will only be able to enable MFA if the test passes'), '$qrcode' => (new QRCode())->render($uri), '$uri' => $uri, '$secret' => ($account['account_external'] ?? ''), |