Merge pull request #10681 from snipe/fixes/2fa_cookie_fix

Fixes 2FA cookie -> user issue
This commit is contained in:
snipe 2022-02-15 19:34:13 -07:00 committed by GitHub
commit 5582949008
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 2 additions and 2 deletions

View file

@ -363,7 +363,7 @@ class LoginController extends Controller
if (Google2FA::verifyKey($user->two_factor_secret, $secret)) {
$user->two_factor_enrolled = 1;
$user->save();
$request->session()->put('2fa_authed', 'true');
$request->session()->put('2fa_authed', $user->id);
return redirect()->route('home')->with('success', 'You are logged in!');
}

View file

@ -32,7 +32,7 @@ class CheckForTwoFactor
if ($settings = Setting::getSettings()) {
if (Auth::check() && ($settings->two_factor_enabled != '')) {
// This user is already 2fa-authed
if ($request->session()->get('2fa_authed')) {
if ($request->session()->get('2fa_authed')==Auth::user()->id) {
return $next($request);
}