From 747b7de143b0f9addba620072af4bcd90a5f8089 Mon Sep 17 00:00:00 2001
From: johnnyq
Date: Wed, 6 Sep 2023 00:08:21 -0400
Subject: [PATCH] Feature: Force MFA Part 3 - Enforce MFA by redirecting users to their user_profile to setup MFA if Force MFA is checked, next up is to lock them there until 2FA is set
---
 check_login.php | 5 ++---
 login.php | 4 ++++
 2 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/check_login.php b/check_login.php
index 2a20d8d3..72121813 100644
--- a/check_login.php
+++ b/check_login.php
@@ -42,6 +42,7 @@ if ($session_user_role == 3) {
 } else {
 $session_user_role_display = "Accountant";
 }
+$session_user_config_force_mfa = intval($row['user_config_force_mfa']);
 $user_config_records_per_page = intval($row['user_config_records_per_page']);
 $sql = mysqli_query($mysqli, "SELECT * FROM companies WHERE company_id = 1");
@@ -70,6 +71,4 @@ if ($iPod || $iPhone || $iPad) {
 //Get Notification Count for the badge on the top nav
 $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('notification_id') AS num FROM notifications WHERE (notification_user_id = $session_user_id OR notification_user_id = 0) AND notification_dismissed_at IS NULL"));
-$num_notifications = $row['num'];
-
-
+$num_notifications = $row['num'];
\ No newline at end of file
diff --git a/login.php b/login.php
index a88e5451..44a656fe 100644
--- a/login.php
+++ b/login.php
@@ -99,6 +99,10 @@ if (isset($_POST['login'])) {
 $user_id = intval($row['user_id']);
 $user_email = sanitizeInput($row['user_email']);
 $token = sanitizeInput($row['user_token']);
+ $force_mfa = intval($row['user_config_force_mfa']);
+ if($force_mfa == 1 && $token == NULL) {
+ $config_start_page = "user_profile.php";
+ }
 // Checking for user 2FA
 if (empty($token) || TokenAuth6238::verify($token, $current_code)) {
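Review bot: The new read `intval($row['user_config_force_mfa'])` in check_login.php fails open: if the query that fills `$row` (outside this hunk) does not return that column, `intval(null)` gives 0 and Force MFA is treated as off, with only a PHP warning. The login.php hunk adds the same read and has the same dependency on its own query. Both SELECTs should be confirmed to include the setting, and a comment such as `// 1 = user must enrol in MFA; a missing column reads as 0 (not enforced)` would make the default explicit. Nothing visible in this hunk uses `$session_user_config_force_mfa` yet.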
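Review bot: The added guard in login.php tests `$token == NULL`, while the 2FA check two lines below tests `empty($token)`, so the two can disagree on what "no token" means (in PHP 8 the string `"0"` is `empty` but not loosely equal to null). Using one predicate keeps them aligned: `if ($force_mfa === 1 && empty($token)) {`. The branch only sets `$config_start_page`, so an account with Force MFA set and no token still appears to pass the 2FA check on the password alone. The commit message defers the lock to a later change, and until then a comment like `// Force MFA: sets the landing page only, not an access control` would stop readers treating this as enforcement. The enclosing `if (isset($_POST['login']))` block starts and ends outside the hunk.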