mirror of https://github.com/MISP/MISP
Merge branch '2.4' into develop
commit
a5766031e1
|
@ -925,7 +925,7 @@ class ACLComponent extends Component
|
|||
}
|
||||
return true;
|
||||
};
|
||||
$this->dynamicChecks['otp_enabled'] = function (array $user) {
|
||||
$this->dynamicChecks['otp_enabled'] = function ($user) {
|
||||
if (Configure::read('Security.otp_disabled')) {
|
||||
throw new ForbiddenException('OTP has been disabled on this instance.');
|
||||
}
|
||||
|
|
|
@ -1214,11 +1214,13 @@ class UsersController extends AppController
|
|||
$this->Auth->constructAuthenticate();
|
||||
}
|
||||
// user has TOTP token, check creds and redirect to TOTP validation
|
||||
if (!empty($unauth_user['User']['totp']) && !$unauth_user['User']['disabled'] && class_exists('\OTPHP\TOTP')) {
|
||||
$user = $this->Auth->identify($this->request, $this->response);
|
||||
if ($user && !$user['disabled']) {
|
||||
$this->Session->write('otp_user', $user);
|
||||
return $this->redirect('otp');
|
||||
if (!Configure::read('Security.otp_disabled')) {
|
||||
if (!empty($unauth_user['User']['totp']) && !$unauth_user['User']['disabled'] && class_exists('\OTPHP\TOTP')) {
|
||||
$user = $this->Auth->identify($this->request, $this->response);
|
||||
if ($user && !$user['disabled']) {
|
||||
$this->Session->write('otp_user', $user);
|
||||
return $this->redirect('otp');
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue