Signed-off-by: Alexander Piskun <bigcat88@icloud.com>tags/v29.0.0beta1
@@ -100,7 +100,10 @@ class TwoFactorMiddleware extends Middleware { | |||
if ($this->userSession->isLoggedIn()) { | |||
$user = $this->userSession->getUser(); | |||
if ($this->session->exists('app_password') || $this->twoFactorManager->isTwoFactorAuthenticated($user)) { | |||
if ($this->session->exists('app_password') // authenticated using an app password | |||
|| $this->session->exists('app_api') // authenticated using an AppAPI Auth | |||
|| $this->twoFactorManager->isTwoFactorAuthenticated($user)) { | |||
$this->checkTwoFactor($controller, $methodName, $user); | |||
} elseif ($controller instanceof TwoFactorChallengeController) { | |||
// Allow access to the two-factor controllers only if two-factor authentication |
@@ -318,8 +318,8 @@ class Manager { | |||
return false; | |||
} | |||
// If we are authenticated using an app password skip all this | |||
if ($this->session->exists('app_password')) { | |||
// If we are authenticated using an app password or AppAPI Auth, skip all this | |||
if ($this->session->exists('app_password') || $this->session->get('app_api') === true) { | |||
return false; | |||
} | |||
@@ -629,13 +629,26 @@ class ManagerTest extends TestCase { | |||
return false; | |||
} elseif ($var === 'app_password') { | |||
return false; | |||
} elseif ($var === 'app_api') { | |||
return false; | |||
} | |||
return true; | |||
}); | |||
$this->session->method('get') | |||
->willReturnCallback(function ($var) { | |||
if ($var === Manager::SESSION_UID_KEY) { | |||
return 'user'; | |||
} elseif ($var === 'app_api') { | |||
return true; | |||
} | |||
return null; | |||
}); | |||
$this->session->expects($this->once()) | |||
->method('get') | |||
->with(Manager::SESSION_UID_DONE) | |||
->willReturn('user'); | |||
->willReturnMap([ | |||
[Manager::SESSION_UID_DONE, 'user'], | |||
['app_api', true] | |||
]); | |||
$this->assertFalse($this->manager->needsSecondFactor($user)); | |||
} | |||
@@ -695,8 +708,10 @@ class ManagerTest extends TestCase { | |||
public function testNeedsSecondFactorAppPassword() { | |||
$user = $this->createMock(IUser::class); | |||
$this->session->method('exists') | |||
->with('app_password') | |||
->willReturn(true); | |||
->willReturnMap([ | |||
['app_password', true], | |||
['app_api', true] | |||
]); | |||
$this->assertFalse($this->manager->needsSecondFactor($user)); | |||
} |