summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJoas Schilling <coding@schilljs.com>2016-09-19 16:58:38 +0200
committerLukas Reschke <lukas@statuscode.ch>2016-11-18 11:57:16 +0100
commit86aa6197b881540b39d8a3c4475ee6b453b71aab (patch)
tree6f1748a49ebfa248abea6a79c8918eecb474a15e
parenta0d6c6593a4c6f08c2c4dd516c85ad59eb639be2 (diff)
downloadnextcloud-server-86aa6197b881540b39d8a3c4475ee6b453b71aab.tar.gz
nextcloud-server-86aa6197b881540b39d8a3c4475ee6b453b71aab.zip
Require confirmation when generating backup codes
Signed-off-by: Joas Schilling <coding@schilljs.com>
-rw-r--r--apps/twofactor_backupcodes/js/settingsview.js5
-rw-r--r--apps/twofactor_backupcodes/lib/Controller/SettingsController.php10
2 files changed, 11 insertions, 4 deletions
diff --git a/apps/twofactor_backupcodes/js/settingsview.js b/apps/twofactor_backupcodes/js/settingsview.js
index 224f5f4797f..76396023120 100644
--- a/apps/twofactor_backupcodes/js/settingsview.js
+++ b/apps/twofactor_backupcodes/js/settingsview.js
@@ -89,6 +89,11 @@
}.bind(this));
},
_onGenerateBackupCodes: function () {
+ if (OC.PasswordConfirmation.requiresPasswordConfirmation()) {
+ OC.PasswordConfirmation.requirePasswordConfirmation(_.bind(this._onGenerateBackupCodes, this));
+ return;
+ }
+
// Hide old codes
this._enabled = false;
this.render();
diff --git a/apps/twofactor_backupcodes/lib/Controller/SettingsController.php b/apps/twofactor_backupcodes/lib/Controller/SettingsController.php
index fed7634643d..9b0b0fc57ba 100644
--- a/apps/twofactor_backupcodes/lib/Controller/SettingsController.php
+++ b/apps/twofactor_backupcodes/lib/Controller/SettingsController.php
@@ -59,15 +59,17 @@ class SettingsController extends Controller {
/**
* @NoAdminRequired
+ * @PasswordConfirmationRequired
+ *
* @return JSONResponse
*/
public function createCodes() {
$user = $this->userSession->getUser();
$codes = $this->storage->createCodes($user);
- return [
- 'codes' => $codes,
- 'state' => $this->storage->getBackupCodesState($user),
- ];
+ return new JSONResponse([
+ 'codes' => $codes,
+ 'state' => $this->storage->getBackupCodesState($user),
+ ]);
}
}