leonardo/yii2-usuario
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

🐛 fix(2FA): Two Factor Authentication - Filter - Blocks even when two factor authentication is enabled

Browse Source 
🐛 fix(email): add error logging when email sending fails
🔒 chore(2FA): fix TwoFactorEmailValidator to pass user as an array
The TwoFactorAuthenticationEnforceFilter was blocking users even when two factor authentication was enabled. The filter now checks if the user has two factor authentication enabled before blocking them. The MailService now logs an error when email sending fails. The TwoFactorEmailValidator now passes the user as an array to the TwoFactorEmailCodeGeneratorService.
This commit is contained in:
Wenceslaus Dsilva
2023-05-25 21:01:42 +05:30
parent ba164c857f
commit 40a76b1eda
4 changed files with 12 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@ -2,6 +2,7 @@
## dev ## dev
- Fix: Two Factor Authentication - Filter - Blocks even when two factor authentication is enabled
- Fix: update Dutch (nl) translations (squio) - Fix: update Dutch (nl) translations (squio)
- Enh: possibility to limit the depth of the recursion when getting user ids from roles (mp1509) - Enh: possibility to limit the depth of the recursion when getting user ids from roles (mp1509)

4
src/User/Filter/TwoFactorAuthenticationEnforceFilter.php
View File

@ -38,8 +38,10 @@ class TwoFactorAuthenticationEnforceFilter extends ActionFilter
} }
$permissions = $module->twoFactorAuthenticationForcedPermissions; $permissions = $module->twoFactorAuthenticationForcedPermissions;
$user = Yii::$app->user->identity;
$itemsByUser = array_keys($this->getAuthManager()->getItemsByUser(Yii::$app->user->identity->id)); $itemsByUser = array_keys($this->getAuthManager()->getItemsByUser(Yii::$app->user->identity->id));
if (!empty(array_intersect($permissions, $itemsByUser))) { if (!empty(array_intersect($permissions, $itemsByUser)) && !$user->auth_tf_enabled) {
Yii::$app->session->setFlash('warning', Yii::t('usuario', 'Your role requires 2FA, you won\'t be able to use the application until you enable it')); Yii::$app->session->setFlash('warning', Yii::t('usuario', 'Your role requires 2FA, you won\'t be able to use the application until you enable it'));
return Yii::$app->response->redirect(['/user/settings/account'])->send(); return Yii::$app->response->redirect(['/user/settings/account'])->send();
} }

8
src/User/Service/MailService.php
View File

@ -83,11 +83,17 @@ class MailService implements ServiceInterface
*/ */
public function run() public function run()
{ {
return $this->mailer
$result = $this->mailer
->compose(['html' => $this->view, 'text' => "text/{$this->view}"], $this->params) ->compose(['html' => $this->view, 'text' => "text/{$this->view}"], $this->params)
->setFrom($this->from) ->setFrom($this->from)
->setTo($this->to) ->setTo($this->to)
->setSubject($this->subject) ->setSubject($this->subject)
->send(); ->send();
if (!$result) {
Yii::error("Email sending failed to '{$this->to}'.", 'mailer');
}
return $result;
} }
} }

2
src/User/Validator/TwoFactorEmailValidator.php
View File

@ -111,6 +111,6 @@ class TwoFactorEmailValidator extends TwoFactorCodeValidator
*/ */
public function generateCode() public function generateCode()
{ {
return $this->make(TwoFactorEmailCodeGeneratorService::class, $this->user)->run(); return $this->make(TwoFactorEmailCodeGeneratorService::class, [$this->user])->run();
} }
} }