diff options
| author | Christoph Wurst <christoph@owncloud.com> | 2016-06-10 09:52:52 +0200 |
|---|---|---|
| committer | Christoph Wurst <christoph@owncloud.com> | 2016-06-10 09:52:52 +0200 |
| commit | 7b3dc806eb45a65279acee2e54f32f2d2f388980 (patch) | |
| tree | 39a9fcdbaae793ae45adcff8298cf0f54237fc3c | |
| parent | e8a66f8e7d6079c0982e2e377ca9eea7e451acea (diff) | |
| download | nextcloud-server-7b3dc806eb45a65279acee2e54f32f2d2f388980.tar.gz nextcloud-server-7b3dc806eb45a65279acee2e54f32f2d2f388980.zip | |
Check 2FA state for raw php files too
| -rw-r--r-- | lib/private/legacy/json.php | 4 | ||||
| -rw-r--r-- | lib/private/legacy/util.php | 5 |
2 files changed, 8 insertions, 1 deletions
diff --git a/lib/private/legacy/json.php b/lib/private/legacy/json.php index d201d69723e..1dde63602b1 100644 --- a/lib/private/legacy/json.php +++ b/lib/private/legacy/json.php @@ -64,7 +64,9 @@ class OC_JSON{ * @deprecated Use annotation based ACLs from the AppFramework instead */ public static function checkLoggedIn() { - if( !OC_User::isLoggedIn()) { + $twoFactorAuthManger = \OC::$server->getTwoFactorAuthManager(); + if( !OC_User::isLoggedIn() + || $twoFactorAuthManger->needsSecondFactor()) { $l = \OC::$server->getL10N('lib'); http_response_code(\OCP\AppFramework\Http::STATUS_UNAUTHORIZED); self::error(array( 'data' => array( 'message' => $l->t('Authentication error'), 'error' => 'authentication_error' ))); diff --git a/lib/private/legacy/util.php b/lib/private/legacy/util.php index a863348566e..65d00c16388 100644 --- a/lib/private/legacy/util.php +++ b/lib/private/legacy/util.php @@ -970,6 +970,11 @@ class OC_Util { ); exit(); } + // Redirect to index page if 2FA challenge was not solved yet + if (\OC::$server->getTwoFactorAuthManager()->needsSecondFactor()) { + header('Location: ' . \OCP\Util::linkToAbsolute('', 'index.php')); + exit(); + } } /** |