mirror of
https://github.com/firefly-iii/firefly-iii.git
synced 2025-11-07 18:37:55 +00:00
Make sure the two factor auth pages are not accessible when already authenticated using two factor.
This commit is contained in:
James Cole
@@ -9,6 +9,7 @@ use FireflyIII\Http\Middleware\Binder;
|
|||||||
use FireflyIII\Http\Middleware\EncryptCookies;
|
use FireflyIII\Http\Middleware\EncryptCookies;
|
||||||
use FireflyIII\Http\Middleware\Range;
|
use FireflyIII\Http\Middleware\Range;
|
||||||
use FireflyIII\Http\Middleware\RedirectIfAuthenticated;
|
use FireflyIII\Http\Middleware\RedirectIfAuthenticated;
|
||||||
|
use FireflyIII\Http\Middleware\RedirectIfTwoFactorAuthenticated;
|
||||||
use FireflyIII\Http\Middleware\VerifyCsrfToken;
|
use FireflyIII\Http\Middleware\VerifyCsrfToken;
|
||||||
use Illuminate\Auth\Middleware\AuthenticateWithBasicAuth;
|
use Illuminate\Auth\Middleware\AuthenticateWithBasicAuth;
|
||||||
use Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse;
|
use Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse;
|
||||||
@@ -67,6 +68,7 @@ class Kernel extends HttpKernel
|
|||||||
ShareErrorsFromSession::class,
|
ShareErrorsFromSession::class,
|
||||||
VerifyCsrfToken::class,
|
VerifyCsrfToken::class,
|
||||||
Authenticate::class,
|
Authenticate::class,
|
||||||
|
RedirectIfTwoFactorAuthenticated::class,
|
||||||
],
|
],
|
||||||
'web-auth-range' => [
|
'web-auth-range' => [
|
||||||
EncryptCookies::class,
|
EncryptCookies::class,
|
||||||
|
|||||||
48
app/Http/Middleware/RedirectIfTwoFactorAuthenticated.php
Normal file
48
app/Http/Middleware/RedirectIfTwoFactorAuthenticated.php
Normal file
@@ -0,0 +1,48 @@
|
|||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* RedirectIfTwoFactorAuthenticated.php
|
||||||
|
* Copyright (C) 2016 Sander Dorigo
|
||||||
|
*
|
||||||
|
* This software may be modified and distributed under the terms
|
||||||
|
* of the MIT license. See the LICENSE file for details.
|
||||||
|
*/
|
||||||
|
|
||||||
|
declare(strict_types = 1);
|
||||||
|
|
||||||
|
namespace FireflyIII\Http\Middleware;
|
||||||
|
|
||||||
|
use Closure;
|
||||||
|
use Illuminate\Support\Facades\Auth;
|
||||||
|
use Preferences;
|
||||||
|
use Session;
|
||||||
|
/**
|
||||||
|
* Class RedirectIfTwoFactorAuthenticated
|
||||||
|
*
|
||||||
|
* @package FireflyIII\Http\Middleware
|
||||||
|
*/
|
||||||
|
class RedirectIfTwoFactorAuthenticated
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* Handle an incoming request.
|
||||||
|
*
|
||||||
|
* @param \Illuminate\Http\Request $request
|
||||||
|
* @param \Closure $next
|
||||||
|
* @param string|null $guard
|
||||||
|
*
|
||||||
|
* @return mixed
|
||||||
|
*/
|
||||||
|
public function handle($request, Closure $next, $guard = null)
|
||||||
|
{
|
||||||
|
if (Auth::guard($guard)->check()) {
|
||||||
|
|
||||||
|
$twoFactorAuthEnabled = Preferences::get('twoFactorAuthEnabled', false)->data;
|
||||||
|
$hasTwoFactorAuthSecret = !is_null(Preferences::get('twoFactorAuthSecret'));
|
||||||
|
$isTwoFactorAuthenticated = Session::get('twofactor-authenticated');
|
||||||
|
if ($twoFactorAuthEnabled && $hasTwoFactorAuthSecret && $isTwoFactorAuthenticated) {
|
||||||
|
return redirect('/');
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return $next($request);
|
||||||
|
}
|
||||||
|
}
|
||||||
Reference in New Issue
Block a user