summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorVincent Petry <pvince81@owncloud.com>2016-06-10 11:56:21 +0200
committerGitHub <noreply@github.com>2016-06-10 11:56:21 +0200
commita0d8702a1c168a178846ceba849b1521e6462b0f (patch)
tree9bad971ec96374cd668a61676ef8cdf2afca62b9
parent68c3b23e0421a59d5423357e516ab7f4df9fcfbc (diff)
parent7b3dc806eb45a65279acee2e54f32f2d2f388980 (diff)
downloadnextcloud-server-a0d8702a1c168a178846ceba849b1521e6462b0f.tar.gz
nextcloud-server-a0d8702a1c168a178846ceba849b1521e6462b0f.zip
Merge pull request #25051 from owncloud/2fa-raw-php-files
Check 2FA state for raw php files too
Diffstat
-rw-r--r--lib/private/legacy/json.php4
-rw-r--r--lib/private/legacy/util.php5
2 files changed, 8 insertions, 1 deletions
diff --git a/lib/private/legacy/json.php b/lib/private/legacy/json.php
index d201d69723e..1dde63602b1 100644
--- a/lib/private/legacy/json.php
+++ b/lib/private/legacy/json.php
@@ -64,7 +64,9 @@ class OC_JSON{
* @deprecated Use annotation based ACLs from the AppFramework instead
*/
public static function checkLoggedIn() {
- if( !OC_User::isLoggedIn()) {
+ $twoFactorAuthManger = \OC::$server->getTwoFactorAuthManager();
+ if( !OC_User::isLoggedIn()
+ || $twoFactorAuthManger->needsSecondFactor()) {
$l = \OC::$server->getL10N('lib');
http_response_code(\OCP\AppFramework\Http::STATUS_UNAUTHORIZED);
self::error(array( 'data' => array( 'message' => $l->t('Authentication error'), 'error' => 'authentication_error' )));
diff --git a/lib/private/legacy/util.php b/lib/private/legacy/util.php
index a863348566e..65d00c16388 100644
--- a/lib/private/legacy/util.php
+++ b/lib/private/legacy/util.php
@@ -970,6 +970,11 @@ class OC_Util {
);
exit();
}
+ // Redirect to index page if 2FA challenge was not solved yet
+ if (\OC::$server->getTwoFactorAuthManager()->needsSecondFactor()) {
+ header('Location: ' . \OCP\Util::linkToAbsolute('', 'index.php'));
+ exit();
+ }
}
/**
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-23 11:26:19 +0000