Fixes 2FA not honoring 'Remember Me' checkbox, closes #439

2017-05-22 19:09:42 -05:00 · 2017-05-22 19:09:42 -05:00 · 72c0330486
commit 72c0330486
parent 999411da29
4 changed files with 25 additions and 9 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -6,6 +6,11 @@ This project follows [Semantic Versioning](http://semver.org) guidelines.
 ## v0.6.1 (Courageous Carniadactylus)
 ### Fixed
 * Fixes a bug preventing the use of services that have no variables attached to them.
 * Fixes 'Remember Me' checkbox being ignored when using 2FA on an account.
 ### Changed
 * Renamed session cookies from `laravel_session` to `pterodactyl_session`.
 * Sessions are now encrypted before being stored as an additional layer of security.
 ## v0.6.0 (Courageous Carniadactylus)
 ### Fixed
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@ -134,7 +134,9 @@ class LoginController extends Controller
                ])),
            ], 5);
-            return redirect()->route('auth.totp')->with('authentication_token', $token);
+            return redirect()->route('auth.totp')
                ->with('authentication_token', $token)
                ->with('remember', $request->has('remember'));
        }
        $attempt = Auth::attempt([
@ -167,7 +169,7 @@ class LoginController extends Controller
        return view('auth.totp', [
            'verify_key' => $token,
-            'remember' => $request->has('remember'),
+            'remember' => $request->session()->get('remember'),
        ]);
    }
--- a/config/session.php
+++ b/config/session.php
@ -44,7 +44,7 @@ return [
    |
    */
-    'encrypt' => false,
+    'encrypt' => true,
    /*
    |--------------------------------------------------------------------------
@ -122,7 +122,7 @@ return [
    |
    */
-    'cookie' => 'laravel_session',
+    'cookie' => 'pterodactyl_session',
    /*
    |--------------------------------------------------------------------------
--- a/resources/themes/pterodactyl/auth/totp.blade.php
+++ b/resources/themes/pterodactyl/auth/totp.blade.php
@ -23,20 +23,29 @@
    2FA Checkpoint
@endsection
@section('scripts')
    @parent
    <style>
        input::-webkit-outer-spin-button, input::-webkit-inner-spin-button {
            -webkit-appearance: none;
            margin: 0;
        }
    </style>
@endsection
@section('content')
 <div class="login-box-body">
    <p class="login-box-msg">@lang('auth.2fa_required')</p>
    <form action="{{ route('auth.totp') }}" method="POST">
-        <div class="form-group">
+        <div class="form-group has-feedback">
-            <input type="text" name="2fa_token" class="form-control" placeholder="@lang('strings.2fa_token')">
+            <input type="number" name="2fa_token" class="form-control input-lg text-center" placeholder="@lang('strings.2fa_token')" autofocus>
-            <span class="fa fa-lock form-control-feedback"></span>
+            <span class="fa fa-shield form-control-feedback"></span>
        </div>
        <div class="row">
            <div class="col-xs-12">
                {!! csrf_field() !!}
                <input type="hidden" name="verify_token" value="{{ $verify_key }}" />
                @if($remember)
-                    <input type="hidden" name="remember" value="true" />
+                    <input type="checkbox" name="remember" checked style="display:none;"/>
                @endif
                <button type="submit" class="btn btn-primary btn-block btn-flat">@lang('strings.submit')</button>
            </div>