summaryrefslogtreecommitdiffstats
path: root/lib/private/Authentication/TwoFactorAuth
diff options
context:
space:
mode:
authorJoas Schilling <coding@schilljs.com>2021-12-01 17:50:43 +0100
committerJoas Schilling <coding@schilljs.com>2021-12-01 17:56:30 +0100
commit660e5502603e82bb70652cbd146d72139791d6a7 (patch)
tree8aad41720b2efc6f558d68e3a6eed719f51fc980 /lib/private/Authentication/TwoFactorAuth
parent3a1ef2b012a903ee4e08483fd47afbd6fc111ca3 (diff)
downloadnextcloud-server-660e5502603e82bb70652cbd146d72139791d6a7.tar.gz
nextcloud-server-660e5502603e82bb70652cbd146d72139791d6a7.zip
Only check the twofactor state once per request
Signed-off-by: Joas Schilling <coding@schilljs.com>
Diffstat (limited to 'lib/private/Authentication/TwoFactorAuth')
-rw-r--r--lib/private/Authentication/TwoFactorAuth/Manager.php10
1 files changed, 9 insertions, 1 deletions
diff --git a/lib/private/Authentication/TwoFactorAuth/Manager.php b/lib/private/Authentication/TwoFactorAuth/Manager.php
index 375803b1d96..66e7c090e42 100644
--- a/lib/private/Authentication/TwoFactorAuth/Manager.php
+++ b/lib/private/Authentication/TwoFactorAuth/Manager.php
@@ -87,6 +87,9 @@ class Manager {
/** @var EventDispatcherInterface */
private $legacyDispatcher;
+ /** @psalm-var array<string, bool> */
+ private $userIsTwoFactorAuthenticated = [];
+
public function __construct(ProviderLoader $providerLoader,
IRegistry $providerRegistry,
MandatoryTwoFactor $mandatoryTwoFactor,
@@ -118,6 +121,10 @@ class Manager {
* @return boolean
*/
public function isTwoFactorAuthenticated(IUser $user): bool {
+ if (isset($this->userIsTwoFactorAuthenticated[$user->getUID()])) {
+ return $this->userIsTwoFactorAuthenticated[$user->getUID()];
+ }
+
if ($this->mandatoryTwoFactor->isEnforcedFor($user)) {
return true;
}
@@ -129,7 +136,8 @@ class Manager {
$providerIds = array_keys($enabled);
$providerIdsWithoutBackupCodes = array_diff($providerIds, [self::BACKUP_CODES_PROVIDER_ID]);
- return !empty($providerIdsWithoutBackupCodes);
+ $this->userIsTwoFactorAuthenticated[$user->getUID()] = !empty($providerIdsWithoutBackupCodes);
+ return $this->userIsTwoFactorAuthenticated[$user->getUID()];
}
/**