From 6074c56838e430a5574453c587d3e7f230429b2f Mon Sep 17 00:00:00 2001 From: Daniel Supernault Date: Sun, 24 May 2020 02:04:53 -0600 Subject: [PATCH] Update AccountController --- app/Http/Controllers/AccountController.php | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/app/Http/Controllers/AccountController.php b/app/Http/Controllers/AccountController.php index a554f17d..a1838076 100644 --- a/app/Http/Controllers/AccountController.php +++ b/app/Http/Controllers/AccountController.php @@ -446,12 +446,16 @@ class AccountController extends Controller } if($request->session()->has('2fa.attempts')) { - $count = (int) $request->session()->has('2fa.attempts'); - $request->session()->push('2fa.attempts', $count + 1); + $count = (int) $request->session()->get('2fa.attempts'); + if($count == 3) { + Auth::logout(); + return redirect('/'); + } + $request->session()->put('2fa.attempts', $count + 1); } else { - $request->session()->push('2fa.attempts', 1); + $request->session()->put('2fa.attempts', 1); } - return redirect()->back()->withErrors([ + return redirect('/i/auth/checkpoint')->withErrors([ 'code' => 'Invalid code' ]); }