From a29d933f99d9112e9b0e8ba7de5b4725e7d5c122 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan=20B=C3=B6hmer?=
Date: Sun, 13 Oct 2024 20:29:22 +0200
Subject: [PATCH] Fixed 2FA TOTP for non-admins, while also retaining validation of auth code

This fixes issue #717
---
 src/Controller/UserSettingsController.php | 2 +-
 src/Form/TFAGoogleSettingsType.php | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/Controller/UserSettingsController.php b/src/Controller/UserSettingsController.php
index ea49dbc2..89a0ef7c 100644
--- a/src/Controller/UserSettingsController.php
+++ b/src/Controller/UserSettingsController.php
@@ -331,7 +331,7 @@ class UserSettingsController extends AbstractController
 $google_form->handleRequest($request);
 //We do not need to check for validity of the google form here, because we do not care if the other fields are valid
- if (!$this->demo_mode && !$user->isSamlUser() && $google_form->isSubmitted()) {
+ if (!$this->demo_mode && !$user->isSamlUser() && $google_form->isSubmitted() && $google_form->isValid()) {
 if (!$google_enabled) {
 //Save 2FA settings (save secrets)
 $user->setGoogleAuthenticatorSecret($google_form->get('googleAuthenticatorSecret')->getData());
diff --git a/src/Form/TFAGoogleSettingsType.php b/src/Form/TFAGoogleSettingsType.php
index e00ba494..aaa93e9e 100644
--- a/src/Form/TFAGoogleSettingsType.php
+++ b/src/Form/TFAGoogleSettingsType.php
@@ -60,7 +60,7 @@ class TFAGoogleSettingsType extends AbstractType
 'pattern' => '\d*',
 'autocomplete' => 'off',
 ],
- 'constraints' => [new ValidGoogleAuthCode()],
+ 'constraints' => [new ValidGoogleAuthCode(groups: ["google_authenticator"])],
 ]
 );
@@ -92,6 +92,7 @@ class TFAGoogleSettingsType extends AbstractType
 {
 $resolver->setDefaults([
 'data_class' => User::class,
+ 'validation_groups' => ['google_authenticator'],
 ]);
 }
 }
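Review bot: The context comment directly above the changed `if` in UserSettingsController.php still says the form's validity does not need to be checked, which the added `&& $google_form->isValid()` now contradicts. A later reader who trusts that comment could remove the check again and let a secret be stored without a verified code. I would replace it with `//Only the google_authenticator validation group is checked here, so the auth code must be valid while unrelated user fields are ignored`. The body of this `if` continues outside the hunk. If the path that disables the authenticator sits inside it, that path is now gated on validation too, which is worth confirming as intended.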
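Review bot: The group name is now a bare string in two places in TFAGoogleSettingsType.php, written `"google_authenticator"` on the constraint here and `'google_authenticator'` in the `setDefaults` hunk at -92,6, and the two must match exactly for the code check to run. Symfony only runs a constraint whose group is among those being validated, so a typo or a rename on one side would make `isValid()` pass without the TOTP code being verified. I would add `private const VALIDATION_GROUP = 'google_authenticator';` and use `groups: [self::VALIDATION_GROUP]` here and `'validation_groups' => [self::VALIDATION_GROUP]` in `configureOptions`. A functional test that submits a wrong code as a non-admin user and asserts that no secret is saved would pin the behaviour this commit restores.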
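Review bot: The new `'validation_groups' => ['google_authenticator']` default in `configureOptions` leaves out the `Default` group, and that deserves a comment because the exclusion is what makes the fix work and is easy to undo by accident. It also means any constraint on this form's other fields runs only if it carries this group, including anything that would bound the `googleAuthenticatorSecret` value the controller saves. Whether such constraints exist is not visible in this hunk. Suggested comment above the option: `// Validate only the TOTP code; Default-group constraints on User are skipped on purpose (issue #717)`.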