Improve and fix issues with 2FA

nickbe · Apr 3, 2015 · e5f6e36 · e5f6e36
1 parent c72bca0
commit e5f6e36
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 1 deletion.
diff --git a/app/Auth/RememberMe.php b/app/Auth/RememberMe.php
@@ -103,6 +103,9 @@ public function authenticate()
                 // Create the session
                 $this->userSession->refresh($this->user->getById($record['user_id']));
 
+                // Do not ask 2FA for remember me session
+                $this->session['2fa_validated'] = true;
+
                 $this->container['dispatcher']->dispatch(
                     'auth.success',
                     new AuthEvent(self::AUTH_NAME, $this->userSession->getId())

diff --git a/app/Controller/Twofactor.php b/app/Controller/Twofactor.php
@@ -73,7 +73,7 @@ public function save()
         }
 
         // Allow the user to test or disable the feature
-        $this->session['user']['twofactor_activated'] = false;
+        $_SESSION['user']['twofactor_activated'] = false;
 
         $this->session->flash(t('User updated successfully.'));
         $this->response->redirect($this->helper->url('twofactor', 'index', array('user_id' => $user['id'])));