Merge pull request #6 from LifeOnScreen/development

[Feature] Added CSFR support
LifeOnScreen · Oct 23, 2018 · 2607acb · 2607acb
2 parents a9b684a + 339974b
commit 2607acb
Show file tree

Hide file tree

Showing 4 changed files with 5 additions and 3 deletions.
diff --git a/resources/views/authenticate.blade.php b/resources/views/authenticate.blade.php
@@ -39,6 +39,7 @@ function checkAutoSubmit(el) {
 
         <form id="authenticate_form" class="bg-white shadow rounded-lg p-8 max-w-xl mx-auto" method="POST"
               action="/los/2fa/authenticate">
+            @csrf
             <h2 class="p-2">Two Factor Authentication</h2>
 
             <p class="p-2">Two factor authentication (2FA) strengthens access security by requiring two methods (also

diff --git a/resources/views/recovery.blade.php b/resources/views/recovery.blade.php
@@ -38,7 +38,7 @@
 
         <form class="bg-white shadow rounded-lg p-8 max-w-xl mx-auto" method="POST" action="/los/2fa/register">
             <h2 class="p-2">Recovery codes</h2>
-
+            @csrf
             <p class="p-2">
                 Recovery codes are used to access your account in the event you cannot recive two-factor
                 authentication codes.

diff --git a/resources/views/register.blade.php b/resources/views/register.blade.php
@@ -38,6 +38,7 @@ function checkAutoSubmit(el) {
 
         <form id="register_form" class="bg-white shadow rounded-lg p-8 max-w-xl mx-auto" method="POST"
               action="/los/2fa/confirm">
+            @csrf
             <h2 class="p-2">Two Factor Authentication</h2>
 
             <p class="p-2">Two factor authentication (2FA) strengthens access security by requiring two methods (also

diff --git a/src/Google2fa.php b/src/Google2fa.php
@@ -47,7 +47,7 @@ public function confirm()
             $authenticator = app(Google2FAAuthenticator::class);
             $authenticator->login();
 
-            return response()->redirectTo('/nova');
+            return response()->redirectTo(config('nova.path'));
         }
 
         $google2fa = new G2fa();
@@ -121,7 +121,7 @@ public function authenticate()
             $authenticator = app(Google2FAAuthenticator::class);
             $authenticator->login();
 
-            return response()->redirectTo('/nova');
+            return response()->redirectTo(config('nova.path'));
         }
         $data['error'] = 'One time password is invalid.';