Added possibilty to invalidate trusted devices.

Jan Böhmer 2019-12-29 16:43:43 +01:00
parent 3e56352688
commit 12dd269b3a
2 changed files with 40 additions and 0 deletions


@ -205,11 +205,36 @@ class SecurityController extends AbstractController
$entityManager->flush();
$this->addFlash('success', 'tfa.u2f.u2f_delete.success');
}
} else {
$this->addFlash('error','csfr_invalid');
}
return $this->redirectToRoute('user_settings');
}
/**
* @Route("/user/invalidate_trustedDevices", name="tfa_trustedDevices_invalidate", methods={"DELETE"})
*/
public function resetTrustedDevices(Request $request, EntityManagerInterface $entityManager)
{
$user = $this->getUser();
if (!$user instanceof User) {
return new \RuntimeException('This controller only works only for Part-DB User objects!');
}
//When user change its settings, he should be logged in fully.
$this->denyAccessUnlessGranted('IS_AUTHENTICATED_FULLY');
if ($this->isCsrfTokenValid('devices_reset'.$user->getId(), $request->request->get('_token'))) {
$user->invalidateTrustedDeviceTokens();
$entityManager->flush();
$this->addFlash('success', 'tfa_trustedDevice.invalidate.success');
} else {
$this->addFlash('error','csfr_invalid');
}
return $this->redirectToRoute('user_settings');
}
/**
* @Route("/logout", name="logout")
*/
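Review bot: In `resetTrustedDevices`, the guard `return new \RuntimeException(...)` returns the exception object instead of throwing it, so a non-`User` principal does not produce the intended error and the action hands the framework a value that is not a Response; it should read `throw new \RuntimeException('This controller only works for Part-DB User objects!');` (this also drops the doubled "only"). The `$this->denyAccessUnlessGranted('IS_AUTHENTICATED_FULLY');` call sits after that type check, so a request without a logged-in user (where `getUser()` presumably yields null) hits the exception path rather than the access-denied handling; moving it to the first statement of the method makes the authorization decision come before anything else. Requiring full authentication and a per-user CSRF token (`'devices_reset'.$user->getId()`) are the right controls for revoking trusted-device tokens. I would say so in the docblock, for example `Invalidates all trusted-device tokens of the current user; requires full authentication and a valid CSRF token.`, so the checks are not dropped in a later refactor.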