AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-23 05:55:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

Feature: Force MFA Part 3 - Enforce MFA by redirecting users to their user_profile to setup MFA if Force MFA is checked, next up is to lock them there until 2FA is set

Browse Source
This commit is contained in:
johnnyq
2023-09-06 00:08:21 -04:00
parent 17c8a9ab0c
commit 747b7de143
2 changed files with 6 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
check_login.php
View File

@@ -42,6 +42,7 @@ if ($session_user_role == 3) {
} else { } else {
$session_user_role_display = "Accountant"; $session_user_role_display = "Accountant";
} }
$session_user_config_force_mfa = intval($row['user_config_force_mfa']);
$user_config_records_per_page = intval($row['user_config_records_per_page']); $user_config_records_per_page = intval($row['user_config_records_per_page']);
$sql = mysqli_query($mysqli, "SELECT * FROM companies WHERE company_id = 1"); $sql = mysqli_query($mysqli, "SELECT * FROM companies WHERE company_id = 1");
@@ -70,6 +71,4 @@ if ($iPod || $iPhone || $iPad) {
//Get Notification Count for the badge on the top nav //Get Notification Count for the badge on the top nav
$row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('notification_id') AS num FROM notifications WHERE (notification_user_id = $session_user_id OR notification_user_id = 0) AND notification_dismissed_at IS NULL")); $row = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT COUNT('notification_id') AS num FROM notifications WHERE (notification_user_id = $session_user_id OR notification_user_id = 0) AND notification_dismissed_at IS NULL"));
$num_notifications = $row['num']; $num_notifications = $row['num'];

4
login.php
View File

@@ -99,6 +99,10 @@ if (isset($_POST['login'])) {
$user_id = intval($row['user_id']); $user_id = intval($row['user_id']);
$user_email = sanitizeInput($row['user_email']); $user_email = sanitizeInput($row['user_email']);
$token = sanitizeInput($row['user_token']); $token = sanitizeInput($row['user_token']);
$force_mfa = intval($row['user_config_force_mfa']);
if($force_mfa == 1 && $token == NULL) {
$config_start_page = "user_profile.php";
}
// Checking for user 2FA // Checking for user 2FA
if (empty($token) || TokenAuth6238::verify($token, $current_code)) { if (empty($token) || TokenAuth6238::verify($token, $current_code)) {