From 234bb6425021b72f0db71667191b2c36dc593791 Mon Sep 17 00:00:00 2001
From: Mario <mario@mariovavti.com>
Date: Wed, 8 Mar 2023 10:04:29 +0000
Subject: port totp mfa from streams with some adjustions

---
 include/auth.php | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

(limited to 'include/auth.php')

diff --git a/include/auth.php b/include/auth.php
index 125aedffd..de515489a 100644
--- a/include/auth.php
+++ b/include/auth.php
@@ -10,6 +10,7 @@
  */
 
 use Zotlabs\Lib\Libzot;
+use Zotlabs\Lib\AConfig;
 
 require_once('include/api_auth.php');
 require_once('include/security.php');
@@ -263,8 +264,16 @@ if((isset($_SESSION)) && (x($_SESSION, 'authenticated')) &&
 				App::$session->extend_cookie();
 				$login_refresh = true;
 			}
+
+			$multiFactor = AConfig::Get(App::$account['account_id'], 'system', 'mfa_enabled');
+			if ($multiFactor && empty($_SESSION['2FA_VERIFIED']) && App::$module !== 'totp_check') {
+				$o = new Zotlabs\Module\Totp_check;
+				echo $o->get(true);
+				killme();
+			}
+
 			$ch = (($_SESSION['uid']) ? channelx_by_n($_SESSION['uid']) : null);
-			authenticate_success($r[0], null, $ch, false, false, $login_refresh);
+			authenticate_success($r[0], $ch, false, false, $login_refresh);
 		}
 		else {
 			$_SESSION['account_id'] = 0;
-- 
cgit v1.2.3