From fac4902ccc957469edb460a25654892524efd7e6 Mon Sep 17 00:00:00 2001
From: Dane Everitt
Date: Sun, 13 Feb 2022 17:33:12 -0500
Subject: [PATCH] Don't trigger an internal error if hitting 2fa endpoint and it isn't enabled
---
 app/Http/Controllers/Auth/LoginCheckpointController.php | 4 ++++
 routes/auth.php | 4 ++--
 2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/app/Http/Controllers/Auth/LoginCheckpointController.php b/app/Http/Controllers/Auth/LoginCheckpointController.php
index 21a8cba46..c7b98de73 100644
--- a/app/Http/Controllers/Auth/LoginCheckpointController.php
+++ b/app/Http/Controllers/Auth/LoginCheckpointController.php
@@ -69,6 +69,10 @@ class LoginCheckpointController extends AbstractLoginController
 return $this->sendLoginResponse($user, $request);
 }
 } else {
+ if (!$user->use_totp) {
+ $this->sendFailedLoginResponse($request, $user);
+ }
+
 $decrypted = $this->encrypter->decrypt($user->totp_secret);
 if ($this->google2FA->verifyKey($decrypted, (string) $request->input('authentication_code') ?? '', config('pterodactyl.auth.2fa.window'))) {
diff --git a/routes/auth.php b/routes/auth.php
index f2686a3b0..24152d8d8 100644
--- a/routes/auth.php
+++ b/routes/auth.php
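Review bot: The new `if (!$user->use_totp)` guard in the `else` branch of LoginCheckpointController only stops the request if `sendFailedLoginResponse()` never returns; its body is not part of this patch, so the guard presumably relies on that method throwing. If it ever returns normally, execution falls through to `$this->encrypter->decrypt($user->totp_secret)` for an account without 2FA, which is the internal error this commit is meant to prevent. Making the exit explicit, e.g. `return $this->sendFailedLoginResponse($request, $user);`, or at least adding a comment such as `// sendFailedLoginResponse() always throws; nothing below runs for accounts without TOTP`, keeps the authentication guard from depending on an unstated side effect. The enclosing method starts and ends outside the hunk, and the recovery-token branch above it is only partly visible, so whether that path needs the same check cannot be told from here.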
@@ -25,8 +25,8 @@ Route::group(['middleware' => 'guest'], function () {
 Route::middleware(['throttle:authentication'])->group(function () {
 // Login endpoints.
 Route::post('/login', [Auth\LoginController::class, 'login'])->middleware('recaptcha');
- Route::post('/login/checkpoint', [Auth\LoginCheckpointController::class, 'token'])->name('auth.login-checkpoint');
- Route::post('/login/checkpoint/key', [Auth\LoginCheckpointController::class, 'key'])->name('auth.login-checkpoint-key');
+ Route::post('/login/checkpoint', [Auth\LoginCheckpointController::class, 'token'])->name('auth.checkpoint');
+ Route::post('/login/checkpoint/key', [Auth\LoginCheckpointController::class, 'key'])->name('auth.checkpoint.key');
 // Forgot password route. A post to this endpoint will trigger an
 // email to be sent containing a reset token.