Update #540
- Fix minor positioning of validation of password during login.
oyeaussie committed Jul 8, 2024
1 parent 36005dc commit 5f92acd
Showing 1 changed file with 45 additions and 35 deletions.
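--- a/system/Base/Providers/AccessServiceProvider/Access/Auth.php
+++ b/system/Base/Providers/AccessServiceProvider/Access/Auth.php
@@ -56,14 +56,7 @@ public function attempt($data)
 $validate = $this->validateData($data, 'auth');
 
 if ($validate !== true) {
-if (str_contains(strtolower($validate), '2fa code')) {
-if (str_contains(strtolower($validate), 'please contact administrator')) {
-$validate = str_replace('Error! Please contact administrator.', '', $validate);
-}
-$this->addResponse($validate, 3, ['allowed_methods' => $this->core->core['settings']['security']['twofaSettings']['twofaUsing']]);
-} else {
-$this->addResponse($validate, 1);
-}
+$this->addResponse($validate, 1);
 
 return false;
 }
@@ -82,6 +75,21 @@ public function attempt($data)
 return false;
 }
 
+$validate = $this->validateData($data, 'auth2fa');
+
+if ($validate !== true) {
+if (str_contains(strtolower($validate), '2fa code')) {
+if (str_contains(strtolower($validate), 'please contact administrator')) {
+$validate = str_replace('Error! Please contact administrator.', '', $validate);
+}
+$this->addResponse($validate, 3, ['allowed_methods' => $this->core->core['settings']['security']['twofaSettings']['twofaUsing']]);
+} else {
+$this->addResponse($validate, 1);
+}
+
+return false;
+}
+
 $this->access->ipFilter->removeFromMonitoring();
 
 $security = $this->getAccountSecurityObject();
@@ -275,7 +283,7 @@ protected function clearAccountSessionId()
 $sessionStore->findOneBy([['session_id', '=', $this->session->getId()], "AND", ['app', '=', $this->getKey()]]);
 
 if ($sessionStore->toArray()) {
-$sessionStore->deleteById($sessionStore->toArray()['id']);
+$sessionStore->deleteById($sessionStore->toArray()['id'], true, false, ['agents']);
 }
 }
 
@@ -733,34 +741,36 @@ protected function setUserSession()
 
 public function validateData(array $data, $task)
 {
-if ($task === 'auth') {
+if ($task === 'auth' || $task === 'auth2fa') {
 $this->validation->add('user', PresenceOf::class, ["message" => "Enter valid user name."]);
 $this->validation->add('pass', PresenceOf::class, ["message" => "Enter valid password."]);
-if (isset($this->app['enforce_2fa']) && $this->app['enforce_2fa'] == '1') {
-$this->validation->add('twofa_using', PresenceOf::class, ["message" => "Error! Please contact administrator."]);
-$this->validation->add('code', PresenceOf::class, ["message" => "Enter valid 2FA code"]);
-if (isset($data['twofa_using'])) {
-if ($data['twofa_using'] === 'otp') {
-if (isset($this->core->core['settings']['security']['twofaSettings']['twofaOtpDigitsLength'])) {
-$this->validation->add('code',
-Min::class,
-[
-"min" => $this->core->core['settings']['security']['twofaSettings']['twofaOtpDigitsLength'],
-"message" => "Error: Enter valid 2FA code.",
-"included" => false
-]
-);
-}
-} else if ($data['twofa_using'] === 'email') {
-if (isset($this->core->core['settings']['security']['twofaSettings']['twofaEmailCodeLength'])) {
-$this->validation->add('code',
-Min::class,
-[
-"min" => $this->core->core['settings']['security']['twofaSettings']['twofaEmailCodeLength'],
-"message" => "Error: Enter valid 2FA code.",
-"included" => false
-]
-);
+if ($task === 'auth2fa') {
+if (isset($this->app['enforce_2fa']) && $this->app['enforce_2fa'] == '1') {
+$this->validation->add('twofa_using', PresenceOf::class, ["message" => "Error! Please contact administrator."]);
+$this->validation->add('code', PresenceOf::class, ["message" => "Enter valid 2FA code"]);
+if (isset($data['twofa_using'])) {
+if ($data['twofa_using'] === 'otp') {
+if (isset($this->core->core['settings']['security']['twofaSettings']['twofaOtpDigitsLength'])) {
+$this->validation->add('code',
+Min::class,
+[
+"min" => $this->core->core['settings']['security']['twofaSettings']['twofaOtpDigitsLength'],
+"message" => "Error: Enter valid 2FA code.",
+"included" => false
+]
+);
+}
+} else if ($data['twofa_using'] === 'email') {
+if (isset($this->core->core['settings']['security']['twofaSettings']['twofaEmailCodeLength'])) {
+$this->validation->add('code',
+Min::class,
+[
+"min" => $this->core->core['settings']['security']['twofaSettings']['twofaEmailCodeLength'],
+"message" => "Error: Enter valid 2FA code.",
+"included" => false
+]
+);
+}
 }
 }
 }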
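Review bot: The new `validateData($data, 'auth2fa')` call in attempt() re-adds the `user` and `pass` PresenceOf rules, because validateData() now enters the shared branch for `$task === 'auth' || $task === 'auth2fa'`; if `$this->validation` keeps its validators between calls (not visible here), the second pass runs duplicated rules. Splitting the tasks, `if ($task === 'auth') { /* user, pass */ } elseif ($task === 'auth2fa') { /* twofa_using, code */ }`, would make every failure of the second call a 2FA failure, so the `str_contains(strtolower($validate), '2fa code')` test on message wording would no longer have to decide between response code 1 and 3. The code 3 response with `allowed_methods` is now sent only after the earlier check in attempt() has passed (presumably the password check, which lies between the hunks), so it tells the client that the credentials were accepted; it is worth confirming that this early `return false` still counts toward login-attempt monitoring, since it exits before `removeFromMonitoring()` with no counter update visible. Both attempt() and validateData() continue outside the hunks shown.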
