AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-05-05 18:57:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

Enforce Client Access Restriction on ajax call get_totp_token_via_id

Browse Source
This commit is contained in:
johnnyq
2026-05-04 15:48:40 -04:00
parent 8094e6e761
commit e0f2fc1e1b
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
agent/ajax.php
View File

@@ -403,6 +403,8 @@ if (isset($_GET['get_totp_token_via_id'])) {
$totp_secret = $sql['credential_otp_secret'];
$client_id = intval($sql['credential_client_id']);
enforceClientAccess();
$otp = TokenAuth6238::getTokenCode(strtoupper($totp_secret));
echo json_encode($otp);