Use template-displayed errors in TwoFactor\Verify

- Remove the page dependency on jGrowl notices
pull/7425/head
Hypolite Petovan 2019-07-23 20:02:26 -04:00
rodzic 56afc43b21
commit 4821fe1b98
2 zmienionych plików z 18 dodań i 3 usunięć

Wyświetl plik

@ -16,18 +16,20 @@ use PragmaRX\Google2FA\Google2FA;
*/
class Verify extends BaseModule
{
private static $errors = [];
public static function post()
{
if (!local_user()) {
return;
}
if (defaults($_POST, 'action', null) == 'verify') {
if (($_POST['action'] ?? '') == 'verify') {
self::checkFormSecurityTokenRedirectOnError('2fa', 'twofactor_verify');
$a = self::getApp();
$code = defaults($_POST, 'verify_code', '');
$code = $_POST['verify_code'] ?? '';
$valid = (new Google2FA())->verifyKey(PConfig::get(local_user(), '2fa', 'secret'), $code);
@ -38,7 +40,7 @@ class Verify extends BaseModule
// Resume normal login workflow
Session::setAuthenticatedForUser($a, $a->user, true, true);
} else {
notice(L10n::t('Invalid code, please retry.'));
self::$errors[] = L10n::t('Invalid code, please retry.');
}
}
}
@ -59,6 +61,8 @@ class Verify extends BaseModule
'$title' => L10n::t('Two-factor authentication'),
'$message' => L10n::t('<p>Open the two-factor authentication app on your device to get an authentication code and verify your identity.</p>'),
'$errors_label' => L10n::tt('Error', 'Errors', count(self::$errors)),
'$errors' => self::$errors,
'$recovery_message' => L10n::t('Dont have your phone? <a href="%s">Enter a two-factor recovery code</a>', '2fa/recovery'),
'$verify_code' => ['verify_code', L10n::t('Please enter a code from your authentication app'), '', '', 'required', 'autofocus placeholder="000000"'],
'$verify_label' => L10n::t('Verify code and complete login'),

Wyświetl plik

@ -2,6 +2,17 @@
<h1>{{$title}}</h1>
<div>{{$message nofilter}}</div>
{{if $errors}}
<div class="panel panel-danger">
<div class="panel-heading">{{$errors_label}}</div>
<ul class="list-group">
{{foreach $errors as $error}}
<li class="list-group-item">{{$error}}</li>
{{/foreach}}
</ul>
</div>
{{/if}}
<form action="" method="post">
<input type="hidden" name="form_security_token" value="{{$form_security_token}}">