Merge branch '8.2RC'8.2

author: Mario <mario@mariovavti.com> 2023-03-19 13:55:18 +0000
committer: Mario <mario@mariovavti.com> 2023-03-19 13:55:18 +0000
commit: 89285f1408d21091bb80d45b391ddcbe06ba8d0f (patch)
tree: b2eb07d9f3d91d77f89a4565a58e6e5231b20c1c /include/auth.php
parent: 0a679e503ef367eda3085c44af103ee53869a94f (diff)
parent: 17c0bb2069dcfe35d3febc5bfdb3a7295f15d49c (diff)
download: volse-hubzilla-8.2.tar.gz
volse-hubzilla-8.2.tar.bz2
volse-hubzilla-8.2.zip
1 files changed, 11 insertions, 1 deletions
diff --git a/include/auth.php b/include/auth.php
index 125aedffd..5956b89e2 100644
--- a/include/auth.php
+++ b/include/auth.php
@@ -10,6 +10,8 @@
  */
 
 use Zotlabs\Lib\Libzot;
+use Zotlabs\Lib\AConfig;
+use Zotlabs\Module\Totp_check;
 
 require_once('include/api_auth.php');
 require_once('include/security.php');
@@ -263,8 +265,16 @@ if((isset($_SESSION)) && (x($_SESSION, 'authenticated')) &&
 				App::$session->extend_cookie();
 				$login_refresh = true;
 			}
+
+			$multiFactor = AConfig::Get(App::$account['account_id'], 'system', 'mfa_enabled');
+			if ($multiFactor && empty($_SESSION['2FA_VERIFIED']) && App::$module !== 'totp_check') {
+				$o = new Totp_check;
+				echo $o->get();
+				killme();
+			}
+
 			$ch = (($_SESSION['uid']) ? channelx_by_n($_SESSION['uid']) : null);
-			authenticate_success($r[0], null, $ch, false, false, $login_refresh);
+			authenticate_success($r[0], $ch, false, false, $login_refresh);
 		}
 		else {
 			$_SESSION['account_id'] = 0;
author	Mario <mario@mariovavti.com>	2023-03-19 13:55:18 +0000
committer	Mario <mario@mariovavti.com>	2023-03-19 13:55:18 +0000
commit	89285f1408d21091bb80d45b391ddcbe06ba8d0f (patch)
tree	b2eb07d9f3d91d77f89a4565a58e6e5231b20c1c /include/auth.php
parent	0a679e503ef367eda3085c44af103ee53869a94f (diff)
parent	17c0bb2069dcfe35d3febc5bfdb3a7295f15d49c (diff)
download	volse-hubzilla-8.2.tar.gz volse-hubzilla-8.2.tar.bz2 volse-hubzilla-8.2.zip