DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2024-11-10 07:34:06 -08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Check for setup to have completed before running the 2fa middleware. Otherwise new installs fail (#2885)

Browse source
This commit is contained in:
Daniel Meltzer 2016-11-06 11:08:13 -06:00 committed by snipe
parent 96ad5fb77b
commit f4fc783026
1 changed files with 23 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

45
app/Http/Middleware/CheckForTwoFactor.php
View file

@ -1,9 +1,11 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Auth;
use Log;
use App\Models\Setting;
use Auth;
use Closure;
use Illuminate\Support\Facades\Schema;
use Log;
class CheckForTwoFactor
{
@ -23,28 +25,27 @@ class CheckForTwoFactor
}
// Two-factor is enabled (either optional or required)
if (Auth::check() && (Setting::getSettings()->two_factor_enabled!='')) {
if (Schema::hasTable('settings')) {
if (Auth::check() && (Setting::getSettings()->two_factor_enabled!='')) {
// This user is already 2fa-authed
if ($request->session()->get('2fa_authed')){
return $next($request);
// This user is already 2fa-authed
if ($request->session()->get('2fa_authed')) {
return $next($request);
}
// Two-factor is optional and the user has NOT opted in, let them through
if ((Setting::getSettings()->two_factor_enabled=='1') && (Auth::user()->two_factor_optin!='1')) {
return $next($request);
}
// Otherwise make sure they're enrolled and show them the 2FA code screen
if ((Auth::user()->two_factor_secret!='') && (Auth::user()->two_factor_enrolled=='1')) {
return redirect()->route('two-factor')->with('info', 'Please enter your two-factor authentication code.');
}
return redirect()->route('two-factor-enroll')->with('success', 'Please enroll a device in two-factor authentication.');
}
// Two-factor is optional and the user has NOT opted in, let them through
if ((Setting::getSettings()->two_factor_enabled=='1') && (Auth::user()->two_factor_optin!='1')) {
return $next($request);
}
// Otherwise make sure they're enrolled and show them the 2FA code screen
if ((Auth::user()->two_factor_secret!='') && (Auth::user()->two_factor_enrolled=='1')) {
return redirect()->route('two-factor')->with('info', 'Please enter your two-factor authentication code.');
}
return redirect()->route('two-factor-enroll')->with('success', 'Please enroll a device in two-factor authentication.');
}
return $next($request);
}