X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/78e94bb0035d7ecc6f4267a4ffa919ec34b1ac2e..refs/pull/3745/head:/app/Http/Controllers/Auth/MfaTotpController.php diff --git a/app/Http/Controllers/Auth/MfaTotpController.php b/app/Http/Controllers/Auth/MfaTotpController.php index d55f08cff..a4cb63155 100644 --- a/app/Http/Controllers/Auth/MfaTotpController.php +++ b/app/Http/Controllers/Auth/MfaTotpController.php @@ -31,11 +31,13 @@ class MfaTotpController extends Controller session()->put(static::SETUP_SECRET_SESSION_KEY, encrypt($totpSecret)); } - $qrCodeUrl = $totp->generateUrl($totpSecret); + $qrCodeUrl = $totp->generateUrl($totpSecret, $this->currentOrLastAttemptedUser()); $svg = $totp->generateQrCodeSvg($qrCodeUrl); + $this->setPageTitle(trans('auth.mfa_gen_totp_title')); + return view('mfa.totp-generate', [ - 'secret' => $totpSecret, + 'url' => $qrCodeUrl, 'svg' => $svg, ]); } @@ -43,6 +45,7 @@ class MfaTotpController extends Controller /** * Confirm the setup of TOTP and save the auth method secret * against the current user. + * * @throws ValidationException * @throws NotFoundException */ @@ -54,7 +57,7 @@ class MfaTotpController extends Controller 'required', 'max:12', 'min:4', new TotpValidationRule($totpSecret), - ] + ], ]); MfaValue::upsertWithValue($this->currentOrLastAttemptedUser(), MfaValue::METHOD_TOTP, $totpSecret); @@ -63,6 +66,7 @@ class MfaTotpController extends Controller if (!auth()->check()) { $this->showSuccessNotification(trans('auth.mfa_setup_login_notification')); + return redirect('/login'); } @@ -71,6 +75,7 @@ class MfaTotpController extends Controller /** * Verify the MFA method submission on check. + * * @throws NotFoundException */ public function verify(Request $request, LoginService $loginService, MfaSession $mfaSession) @@ -83,7 +88,7 @@ class MfaTotpController extends Controller 'required', 'max:12', 'min:4', new TotpValidationRule($totpSecret), - ] + ], ]); $mfaSession->markVerifiedForUser($user);