diff options
| author | Byron Jones <glob@mozilla.com> | 2015-09-23 05:54:41 +0200 |
|---|---|---|
| committer | Byron Jones <glob@mozilla.com> | 2015-09-23 05:54:41 +0200 |
| commit | 043c7523acd6af5288191b15f746fc360b73ab40 (patch) | |
| tree | 536980970ca7ae13ce29d4cf9e9f69fb0669a972 /Bugzilla/MFA | |
| parent | 2e425408eeb1065eacb4bcded2cc88d05a689e1c (diff) | |
| download | bugzilla-043c7523acd6af5288191b15f746fc360b73ab40.tar.gz bugzilla-043c7523acd6af5288191b15f746fc360b73ab40.tar.xz | |
Bug 1199087 - extend 2fa protection beyond login
Diffstat (limited to 'Bugzilla/MFA')
| -rw-r--r-- | Bugzilla/MFA/TOTP.pm | 27 |
1 files changed, 10 insertions, 17 deletions
diff --git a/Bugzilla/MFA/TOTP.pm b/Bugzilla/MFA/TOTP.pm index 05e4e4e3b..859ca4b8d 100644 --- a/Bugzilla/MFA/TOTP.pm +++ b/Bugzilla/MFA/TOTP.pm @@ -48,32 +48,25 @@ sub enrolled { } sub prompt { - my ($self, $params) = @_; + my ($self, $vars) = @_; my $template = Bugzilla->template; - my $vars = { - user => $params->{user}, - token => scalar issue_session_token('mfa', $params->{user}), - type => $params->{type}, - }; - print Bugzilla->cgi->header(); $template->process('mfa/totp/verify.html.tmpl', $vars) || ThrowTemplateError($template->error()); } sub check { - my ($self, $code) = @_; - $self->_auth()->verify($code, 1) - || ThrowUserError('mfa_totp_bad_code'); -} - -sub check_login { - my ($self, $user) = @_; - my $cgi = Bugzilla->cgi; + my ($self, $params) = @_; + my $code = $params->{code} // ''; + return if $self->_auth()->verify($code, 1); - $self->check($cgi->param('code') // ''); - $user->authorizer->mfa_verified($user, $cgi->param('type')); + if (exists $params->{mfa_action}) { + ThrowUserError('mfa_totp_bad_enrolment_code'); + } + else { + ThrowUserError('mfa_totp_bad_code'); + } } 1; |