diff --git a/app/Handlers/Events/UserEventHandler.php b/app/Handlers/Events/UserEventHandler.php
index 5f86d60a57..836f7b11b5 100644
--- a/app/Handlers/Events/UserEventHandler.php
+++ b/app/Handlers/Events/UserEventHandler.php
@@ -19,7 +19,6 @@ use FireflyIII\Repositories\User\UserRepositoryInterface;
 use Illuminate\Mail\Message;
 use Log;
 use Mail;
-use Session;
 use Swift_TransportException;
 /**
@@ -54,20 +53,6 @@ class UserEventHandler
         return true;
     }
-    /**
-     * Handle user logout events.
-     *
-     * @return bool
-     */
-    public function logoutUser(): bool
-    {
-        // dump stuff from the session:
-        Session::forget('twoFactorAuthenticated');
-        Session::forget('twoFactorAuthenticatedDate');
-
-        return true;
-    }
-    /**
-     * @param RequestedNewPassword $event
-     *
diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php
index 04e8abcc06..0072229023 100644
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@@ -16,6 +16,7 @@ use Config;
 use FireflyConfig;
 use FireflyIII\Http\Controllers\Controller;
 use FireflyIII\User;
+use Illuminate\Cookie\CookieJar;
 use Illuminate\Foundation\Auth\AuthenticatesUsers;
 use Illuminate\Http\Request;
 use Lang;
@@ -74,23 +75,26 @@ class LoginController extends Controller
     }
     /**
-     * @param Request $request
+     * @param Request $request
+     * @param CookieJar $cookieJar
-     * @return $this|\Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
+     * @return $this
      */
-    public function logout(Request $request)
+    public function logout(Request $request, CookieJar $cookieJar)
     {
         if (intval(getenv('SANDSTORM')) === 1) {
             return view('error')->with('message', strval(trans('firefly.sandstorm_not_available')));
         }
+        $cookie = $cookieJar->forever('twoFactorAuthenticated', 'false');
+
         $this->guard()->logout();
         $request->session()->flush();
         $request->session()->regenerate();
-        return redirect('/');
+        return redirect('/')->withCookie($cookie);
     }
     /**
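Review bot: The new docblock on `logout` claims `@return $this`, but the method returns either the `view('error')` result or the `RedirectResponse` from `redirect('/')->withCookie($cookie)`, never `$this`; `@return \Illuminate\Contracts\View\View|\Illuminate\Http\RedirectResponse` describes what callers actually get. Issuing a five-year cookie whose value is the string `'false'` is also a roundabout way to clear the flag: `$cookie = $cookieJar->forget('twoFactorAuthenticated');` expires it outright and the middleware's `=== 'true'` comparison behaves the same either way. The Sandstorm early return above the new line leaves any existing cookie untouched, which is presumably intended since no logout happens on that path, but a one-line comment there would make that explicit.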
diff --git a/app/Http/Controllers/Auth/TwoFactorController.php b/app/Http/Controllers/Auth/TwoFactorController.php
index 66df10f66e..9b74cad644 100644
--- a/app/Http/Controllers/Auth/TwoFactorController.php
+++ b/app/Http/Controllers/Auth/TwoFactorController.php
@@ -13,14 +13,13 @@ declare(strict_types = 1);
 namespace FireflyIII\Http\Controllers\Auth;
-use Carbon\Carbon;
 use FireflyIII\Exceptions\FireflyException;
 use FireflyIII\Http\Controllers\Controller;
 use FireflyIII\Http\Requests\TokenFormRequest;
+use Illuminate\Cookie\CookieJar;
 use Illuminate\Http\Request;
 use Log;
 use Preferences;
-use Session;
 /**
  * Class TwoFactorController
@@ -84,12 +83,12 @@ class TwoFactorController extends Controller
      *
      * @return mixed
      */
-    public function postIndex(TokenFormRequest $request)
+    public function postIndex(TokenFormRequest $request, CookieJar $cookieJar)
     {
-        Session::put('twoFactorAuthenticated', true);
-        Session::put('twoFactorAuthenticatedDate', new Carbon);
+        // set cookie!
+        $cookie = $cookieJar->forever('twoFactorAuthenticated', 'true');
-        return redirect(route('home'));
+        return redirect(route('home'))->withCookie($cookie);
     }
 }
diff --git a/app/Http/Middleware/AuthenticateTwoFactor.php b/app/Http/Middleware/AuthenticateTwoFactor.php
index 4f9f1f5542..5325150bcc 100644
--- a/app/Http/Middleware/AuthenticateTwoFactor.php
+++ b/app/Http/Middleware/AuthenticateTwoFactor.php
@@ -14,8 +14,10 @@ declare(strict_types = 1);
 namespace FireflyIII\Http\Middleware;
 use Closure;
+use Cookie;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
+use Log;
 use Preferences;
 use Session;
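Review bot: The cookie issued by `$cookieJar->forever('twoFactorAuthenticated', 'true')` in `postIndex` carries only a literal `'true'`: nothing ties it to the user who just passed the token check or to the secret that was verified, and it outlives the session by years. The `Cookie::get('twoFactorAuthenticated') === 'true'` checks in the AuthenticateTwoFactor and RedirectIfTwoFactorAuthenticated hunks therefore accept it for any account that later signs in from the same browser, and it survives a session that ends without passing through `LoginController::logout`, the only place this diff resets it; the previous session flag was dropped by the session flush on logout and by session expiry. A safer value is a keyed hash (`hash_hmac`) over the authenticated user's id and their 2FA secret, compared in the middleware with `hash_equals()`, or at least a cookie with a bounded lifetime rather than `forever`. Integrity of the cookie value itself rests on Laravel's cookie encryption middleware being applied to these routes, which this diff does not show. The `// set cookie!` comment says nothing the next line does not; replace it with why the cookie replaces the session flag, e.g. `// 2FA state is kept in a cookie so it survives the session flush done on logout`.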
@@ -55,8 +57,13 @@ class AuthenticateTwoFactor
         }
         $is2faEnabled = Preferences::get('twoFactorAuthEnabled', false)->data;
         $has2faSecret = !is_null(Preferences::get('twoFactorAuthSecret'));
-        $is2faAuthed = Session::get('twofactor-authenticated');
+
+        // grab 2auth information from cookie, not from session.
+        $is2faAuthed = Cookie::get('twoFactorAuthenticated') === 'true';
+
         if ($is2faEnabled && $has2faSecret && !$is2faAuthed) {
+            Log::debug('Does not seem to be 2 factor authed, redirect.');
+
             return redirect(route('two-factor.index'));
         }
diff --git a/app/Http/Middleware/RedirectIfTwoFactorAuthenticated.php b/app/Http/Middleware/RedirectIfTwoFactorAuthenticated.php
index 0b2894ef19..53dcaa619e 100644
--- a/app/Http/Middleware/RedirectIfTwoFactorAuthenticated.php
+++ b/app/Http/Middleware/RedirectIfTwoFactorAuthenticated.php
@@ -17,7 +17,8 @@ use Closure;
 use Illuminate\Support\Facades\Auth;
 use Preferences;
 use Session;
-
+use Log;
+use Cookie;
 /**
  * Class RedirectIfTwoFactorAuthenticated
  *
@@ -40,7 +41,10 @@ class RedirectIfTwoFactorAuthenticated
         $is2faEnabled = Preferences::get('twoFactorAuthEnabled', false)->data;
         $has2faSecret = !is_null(Preferences::get('twoFactorAuthSecret'));
-        $is2faAuthed = Session::get('twoFactorAuthenticated');
+
+        // grab 2auth information from cookie
+        $is2faAuthed = Cookie::get('twoFactorAuthenticated') === 'true';
+
         if ($is2faEnabled && $has2faSecret && $is2faAuthed) {
             return redirect('/');
         }
diff --git a/app/Providers/EventServiceProvider.php b/app/Providers/EventServiceProvider.php
index 215fc5978e..3fcdd8da06 100644
--- a/app/Providers/EventServiceProvider.php
+++ b/app/Providers/EventServiceProvider.php
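Review bot: `use Session;` is left in place in both AuthenticateTwoFactor and RedirectIfTwoFactorAuthenticated even though these hunks replace the only `Session::get` call visible in each; if nothing else in those files reads the session, the import is now dead and should be removed as TwoFactorController's was. In the RedirectIfTwoFactorAuthenticated import hunk the new `use Log;` and `use Cookie;` are appended after `use Session;` out of alphabetical order, the blank line separating the imports from the class docblock is deleted, and `Log` is not used anywhere in the hunk shown, so it may be an unused import as well. The enclosing `handle` methods start and end outside these hunks. The `=== 'true'` comparison makes a missing or unreadable cookie count as not authenticated, which is the right default and worth stating in the comment, e.g. `// anything but the literal 'true' (including no cookie) means the 2FA step is still pending`.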
@@ -56,12 +56,6 @@ class EventServiceProvider extends ServiceProvider
                 'FireflyIII\Handlers\Events\UpdatedJournalEventHandler@scanBills',
                 'FireflyIII\Handlers\Events\UpdatedJournalEventHandler@processRules',
             ],
-
-            // LARAVEL EVENTS:
-            'Illuminate\Auth\Events\Logout' =>
-                [
-                    'FireflyIII\Handlers\Events\UserEventHandler@logoutUser',
-                ],
     ];
     /**