author | Roeland Jago Douma <roeland@famdouma.nl> | 2019-10-25 14:42:00 +0200 |
---|---|---|
committer | Roeland Jago Douma <roeland@famdouma.nl> | 2019-10-25 15:44:37 +0200 |
commit | 2cf068463fb2da915fc576bfed0134e051885b39 (patch) | |
tree | ace41cc391e8124c293aadab8df6e28a8934b7cf /core/Middleware | |
parent | a1cc2b21cc4e8abc0aa04938429e73b7b1f66fef (diff) | |
download | nextcloud-server-2cf068463fb2da915fc576bfed0134e051885b39.tar.gz nextcloud-server-2cf068463fb2da915fc576bfed0134e051885b39.zip |
Harden middleware check
These annotations will allow for extra checks. And thus make it harder
to break things.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Diffstat (limited to 'core/Middleware')
-rw-r--r-- | core/Middleware/TwoFactorMiddleware.php | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/core/Middleware/TwoFactorMiddleware.php b/core/Middleware/TwoFactorMiddleware.php
index 7b32c0dd895..b8ca7d9da9e 100644
--- a/core/Middleware/TwoFactorMiddleware.php
+++ b/core/Middleware/TwoFactorMiddleware.php
@@ -88,6 +88,16 @@ class TwoFactorMiddleware extends Middleware {
 return;
 }
 
+ if ($controller instanceof TwoFactorChallengeController
+ && $this->userSession->getUser() !== null
+ && !$this->reflector->hasAnnotation('TwoFactorSetUpDoneRequired')) {
+ $providers = $this->twoFactorManager->getProviderSet($this->userSession->getUser());
+
+ if (!($providers->getProviders() === [] && !$providers->isProviderMissing())) {
+ throw new TwoFactorAuthRequiredException();
+ }
+ }
+
 if ($controller instanceof ALoginSetupController
 && $this->userSession->getUser() !== null
 && $this->twoFactorManager->needsSecondFactor($this->userSession->getUser())) { |
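Review bot: The inner guard `if (!($providers->getProviders() === [] && !$providers->isProviderMissing()))` is a double negation inside an authentication gate, and nothing in the hunk says which state it is meant to let through. By De Morgan it is equivalent to `if ($providers->getProviders() !== [] || $providers->isProviderMissing())`, which reads directly as "a provider exists or one failed to load, so refuse"; I would write it that way and put a comment above it such as `// Routes without @TwoFactorSetUpDoneRequired are set-up routes: only reachable while the user has no providers and none failed to load`. Because the annotation is matched by string, it is also worth stating in that comment that a challenge-controller method missing the annotation is handled by this branch rather than skipped. The whole block is bypassed when `getUser()` returns null, so what happens to a request without a session user depends on code outside this hunk; the enclosing method starts and ends outside the hunk.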