1
0
Fork 0
forked from mirror/pixelfed

Update AccountController, fix 2FA backup code bug

This commit is contained in:
Daniel Supernault 2022-11-14 01:17:41 -07:00
parent a62a688da9
commit a231b3c556
No known key found for this signature in database
GPG key ID: 0DEF1C662C9033F7

View file

@ -513,26 +513,25 @@ class AccountController extends Controller
}
}
protected function twoFactorBackupCheck($request, $code, User $user)
{
$backupCodes = $user->{'2fa_backup_codes'};
if($backupCodes) {
$codes = json_decode($backupCodes, true);
foreach ($codes as $c) {
if(hash_equals($c, $code)) {
$codes = array_flatten(array_diff($codes, [$code]));
$user->{'2fa_backup_codes'} = json_encode($codes);
$user->save();
$request->session()->push('2fa.session.active', true);
return true;
} else {
return false;
}
}
} else {
return false;
}
}
protected function twoFactorBackupCheck($request, $code, User $user)
{
$backupCodes = $user->{'2fa_backup_codes'};
if($backupCodes) {
$codes = json_decode($backupCodes, true);
foreach ($codes as $c) {
if(hash_equals($c, $code)) {
$codes = array_flatten(array_diff($codes, [$code]));
$user->{'2fa_backup_codes'} = json_encode($codes);
$user->save();
$request->session()->push('2fa.session.active', true);
return true;
}
}
return false;
} else {
return false;
}
}
public function accountRestored(Request $request)
{