Authorize only API tokens when 2FA is enabled

2019-02-01 15:40:35 -08:00
parent fa08493348
commit 233fd1a8a1
4 changed files with 31 additions and 4 deletions
--- a/app/Model/UserModel.php
+++ b/app/Model/UserModel.php
@@ -38,6 +38,15 @@ class UserModel extends Base
            ->exists();
    }

+    public function has2FA($username)
+    {
+        return $this->db->table(self::TABLE)
+            ->eq('username', $username)
+            ->eq('is_active', 1)
+            ->eq('twofactor_activated', 1)
+            ->exists();
+    }
+
    /**
     * Return true if the user exists
     *