mirror of
https://github.com/pixelfed/pixelfed.git
synced 2024-12-20 12:03:16 +00:00
Merge pull request #533 from pixelfed/frontend-ui-refactor
Update 2fa, logout user after two failed attempts
This commit is contained in:
commit
2d7e08e429
2 changed files with 9 additions and 0 deletions
|
@ -321,6 +321,12 @@ class AccountController extends Controller
|
|||
$request->session()->push('2fa.session.active', true);
|
||||
return redirect('/');
|
||||
} else {
|
||||
if($request->session()->has('2fa.attempts')) {
|
||||
$count = (int) $request->session()->has('2fa.attempts');
|
||||
$request->session()->push('2fa.attempts', $count + 1);
|
||||
} else {
|
||||
$request->session()->push('2fa.attempts', 1);
|
||||
}
|
||||
return redirect()->back()->withErrors([
|
||||
'code' => 'Invalid code'
|
||||
]);
|
||||
|
|
|
@ -24,6 +24,9 @@ class TwoFactorAuth
|
|||
if($request->session()->has('2fa.session.active') !== true && !$request->is($checkpoint))
|
||||
{
|
||||
return redirect('/i/auth/checkpoint');
|
||||
} elseif($request->session()->has('2fa.attempts') || (int) $request->session()->get('2fa.attempts') > 3) {
|
||||
$request->session()->pull('2fa.attempts');
|
||||
Auth::logout();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue