X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/f1f59cf0861adb8f753f3685ff3c82c048ed4838..refs/pull/3000/head:/app/Http/Controllers/Auth/MfaBackupCodesController.php diff --git a/app/Http/Controllers/Auth/MfaBackupCodesController.php b/app/Http/Controllers/Auth/MfaBackupCodesController.php index 65c809196..d92029bf1 100644 --- a/app/Http/Controllers/Auth/MfaBackupCodesController.php +++ b/app/Http/Controllers/Auth/MfaBackupCodesController.php @@ -20,7 +20,7 @@ class MfaBackupCodesController extends Controller protected const SETUP_SECRET_SESSION_KEY = 'mfa-setup-backup-codes'; /** - * Show a view that generates and displays backup codes + * Show a view that generates and displays backup codes. */ public function generate(BackupCodeService $codeService) { @@ -30,13 +30,14 @@ class MfaBackupCodesController extends Controller $downloadUrl = 'data:application/octet-stream;base64,' . base64_encode(implode("\n\n", $codes)); return view('mfa.backup-codes-generate', [ - 'codes' => $codes, + 'codes' => $codes, 'downloadUrl' => $downloadUrl, ]); } /** * Confirm the setup of backup codes, storing them against the user. + * * @throws Exception */ public function confirm() @@ -49,11 +50,19 @@ class MfaBackupCodesController extends Controller MfaValue::upsertWithValue($this->currentOrLastAttemptedUser(), MfaValue::METHOD_BACKUP_CODES, json_encode($codes)); $this->logActivity(ActivityType::MFA_SETUP_METHOD, 'backup-codes'); + + if (!auth()->check()) { + $this->showSuccessNotification(trans('auth.mfa_setup_login_notification')); + + return redirect('/login'); + } + return redirect('/mfa/setup'); } /** * Verify the MFA method submission on check. + * * @throws NotFoundException * @throws ValidationException */ @@ -70,8 +79,8 @@ class MfaBackupCodesController extends Controller if (!$codeService->inputCodeExistsInSet($value, $codes)) { $fail(trans('validation.backup_codes')); } - } - ] + }, + ], ]); $updatedCodes = $codeService->removeInputCodeFromSet($request->get('code'), $codes);