From a231b3c55661a394b7fa2f8cffdf21a3b628d4ac Mon Sep 17 00:00:00 2001
From: Daniel Supernault <danielsupernault@gmail.com>
Date: Mon, 14 Nov 2022 01:17:41 -0700
Subject: [PATCH] Update AccountController, fix 2FA backup code bug

---
 app/Http/Controllers/AccountController.php | 39 +++++++++++-----------
 1 file changed, 19 insertions(+), 20 deletions(-)

diff --git a/app/Http/Controllers/AccountController.php b/app/Http/Controllers/AccountController.php
index 0d3177b9d..89f46e046 100644
--- a/app/Http/Controllers/AccountController.php
+++ b/app/Http/Controllers/AccountController.php
@@ -513,26 +513,25 @@ class AccountController extends Controller
 		}
 	}
 
-	protected function twoFactorBackupCheck($request, $code, User $user)
-	{
-		$backupCodes = $user->{'2fa_backup_codes'};
-		if($backupCodes) {
-			$codes = json_decode($backupCodes, true);
-			foreach ($codes as $c) {
-				if(hash_equals($c, $code)) {
-					$codes = array_flatten(array_diff($codes, [$code]));
-					$user->{'2fa_backup_codes'} = json_encode($codes);
-					$user->save();
-					$request->session()->push('2fa.session.active', true);
-					return true;
-				} else {
-					return false;
-				}
-			}
-		} else {
-			return false;
-		}
-	}
+    protected function twoFactorBackupCheck($request, $code, User $user)
+    {
+        $backupCodes = $user->{'2fa_backup_codes'};
+        if($backupCodes) {
+            $codes = json_decode($backupCodes, true);
+            foreach ($codes as $c) {
+                if(hash_equals($c, $code)) {
+                    $codes = array_flatten(array_diff($codes, [$code]));
+                    $user->{'2fa_backup_codes'} = json_encode($codes);
+                    $user->save();
+                    $request->session()->push('2fa.session.active', true);
+                    return true;
+                }
+            }
+            return false;
+        } else {
+            return false;
+        }
+    }
 
 	public function accountRestored(Request $request)
 	{