diff options
| author | Matthew Somerville <matthew@mysociety.org> | 2019-10-24 12:36:20 +0100 |
|---|---|---|
| committer | Matthew Somerville <matthew@mysociety.org> | 2019-10-28 17:11:00 +0000 |
| commit | e8adf97e7f01efdaab2f0ab3181268d07640c3f4 (patch) | |
| tree | 2462c893e5ebb7260f0ca635d738a4fdac40d48d /perllib/Catalyst/Authentication/Credential | |
| parent | d551a1f6a7be39646e718683b14a572402e23981 (diff) | |
Require code to be entered when activating 2FA.
Diffstat (limited to 'perllib/Catalyst/Authentication/Credential')
| -rw-r--r-- | perllib/Catalyst/Authentication/Credential/2FA.pm | 14 |
1 files changed, 1 insertions, 13 deletions
diff --git a/perllib/Catalyst/Authentication/Credential/2FA.pm b/perllib/Catalyst/Authentication/Credential/2FA.pm index 22f4b4cff..9f22fed11 100644 --- a/perllib/Catalyst/Authentication/Credential/2FA.pm +++ b/perllib/Catalyst/Authentication/Credential/2FA.pm @@ -26,7 +26,7 @@ sub authenticate { $c->stash->{token} = $c->get_param('token'); - if ($self->check_2fa($c, $user_obj)) { + if ($c->check_2fa($user_obj->has_2fa)) { if ($c->stash->{token}) { my $token = $c->forward('/tokens/load_auth_token', [ $c->stash->{token}, '2fa' ]); # Will contain a detach_to and report/update data @@ -48,18 +48,6 @@ sub authenticate { } } -sub check_2fa { - my ($self, $c, $user) = @_; - - if (my $code = $c->get_param('2fa_code')) { - my $auth = Auth::GoogleAuth->new; - my $secret32 = $user->get_extra_metadata('2fa_secret'); - return 1 if $auth->verify($code, 2, $secret32); - $c->stash->{incorrect_code} = 1; - } - return 0; -} - __PACKAGE__; __END__ |