aboutsummaryrefslogtreecommitdiffstats
path: root/include/auth.php
diff options
context:
space:
mode:
authorMario <mario@mariovavti.com>2023-03-08 10:04:29 +0000
committerMario <mario@mariovavti.com>2023-03-08 10:04:29 +0000
commit234bb6425021b72f0db71667191b2c36dc593791 (patch)
tree2966d68516cebae70d4a75aace9962a809532339 /include/auth.php
parentd43a56614cd93982d19f4f82aae6e62f9ca533a9 (diff)
downloadvolse-hubzilla-234bb6425021b72f0db71667191b2c36dc593791.tar.gz
volse-hubzilla-234bb6425021b72f0db71667191b2c36dc593791.tar.bz2
volse-hubzilla-234bb6425021b72f0db71667191b2c36dc593791.zip
port totp mfa from streams with some adjustions
Diffstat (limited to 'include/auth.php')
-rw-r--r--include/auth.php11
1 files changed, 10 insertions, 1 deletions
diff --git a/include/auth.php b/include/auth.php
index 125aedffd..de515489a 100644
--- a/include/auth.php
+++ b/include/auth.php
@@ -10,6 +10,7 @@
*/
use Zotlabs\Lib\Libzot;
+use Zotlabs\Lib\AConfig;
require_once('include/api_auth.php');
require_once('include/security.php');
@@ -263,8 +264,16 @@ if((isset($_SESSION)) && (x($_SESSION, 'authenticated')) &&
App::$session->extend_cookie();
$login_refresh = true;
}
+
+ $multiFactor = AConfig::Get(App::$account['account_id'], 'system', 'mfa_enabled');
+ if ($multiFactor && empty($_SESSION['2FA_VERIFIED']) && App::$module !== 'totp_check') {
+ $o = new Zotlabs\Module\Totp_check;
+ echo $o->get(true);
+ killme();
+ }
+
$ch = (($_SESSION['uid']) ? channelx_by_n($_SESSION['uid']) : null);
- authenticate_success($r[0], null, $ch, false, false, $login_refresh);
+ authenticate_success($r[0], $ch, false, false, $login_refresh);
}
else {
$_SESSION['account_id'] = 0;