Fix authentication handler
Check email & password before token to handle case where email is invalid.
This commit is contained in:
parent
9c9d33c127
commit
5955b1453c
1 changed files with 20 additions and 17 deletions
|
@ -115,13 +115,31 @@ class AuthController extends Controller
|
||||||
return $this->sendLockoutResponse($request);
|
return $this->sendLockoutResponse($request);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Is the email & password valid?
|
||||||
|
if (!Auth::attempt([
|
||||||
|
'email' => $request->input('email'),
|
||||||
|
'password' => $request->input('password')
|
||||||
|
], $request->has('remember'))) {
|
||||||
|
|
||||||
|
if ($throttled) {
|
||||||
|
$this->incrementLoginAttempts($request);
|
||||||
|
}
|
||||||
|
|
||||||
|
return redirect()->route('auth.login')->withInput($request->only('email', 'remember'))->withErrors([
|
||||||
|
'email' => $this->getFailedLoginMessage(),
|
||||||
|
]);
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
$G2FA = new Google2FA();
|
$G2FA = new Google2FA();
|
||||||
$user = User::select('use_totp', 'totp_secret')->where('email', $request->input($this->loginUsername()))->first();
|
$user = User::select('use_totp', 'totp_secret')->where('email', $request->input('email'))->first();
|
||||||
|
|
||||||
// Verify TOTP Token was Valid
|
// Verify TOTP Token was Valid
|
||||||
if($user->use_totp === 1) {
|
if($user->use_totp === 1) {
|
||||||
if(!$G2FA->verifyKey($user->totp_secret, $request->input('totp_token'))) {
|
if(!$G2FA->verifyKey($user->totp_secret, $request->input('totp_token'))) {
|
||||||
|
|
||||||
|
Auth::logout();
|
||||||
|
|
||||||
if ($throttled) {
|
if ($throttled) {
|
||||||
$this->incrementLoginAttempts($request);
|
$this->incrementLoginAttempts($request);
|
||||||
}
|
}
|
||||||
|
@ -132,23 +150,8 @@ class AuthController extends Controller
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Attempt to Login
|
return $this->handleUserWasAuthenticated($request, $throttled);
|
||||||
if (Auth::attempt([
|
|
||||||
'email' => $request->input('email'),
|
|
||||||
'password' => $request->input('password')
|
|
||||||
], $request->has('remember'))) {
|
|
||||||
return $this->handleUserWasAuthenticated($request, $throttled);
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($throttled) {
|
|
||||||
$this->incrementLoginAttempts($request);
|
|
||||||
}
|
|
||||||
|
|
||||||
return redirect()->route('auth.login')
|
|
||||||
->withInput($request->only('email', 'remember'))
|
|
||||||
->withErrors([
|
|
||||||
'email' => $this->getFailedLoginMessage(),
|
|
||||||
]);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
Loading…
Reference in a new issue