From 8bfcc3315a82aad09464211ab479dce5961f5b80 Mon Sep 17 00:00:00 2001
From: James Cole
Date: Thu, 16 Feb 2017 21:01:22 +0100
Subject: [PATCH] This fixes #572
---
 app/Http/Controllers/Auth/TwoFactorController.php | 10 +++++++---
 app/Http/Controllers/JavascriptController.php | 4 +++-
 app/Http/Controllers/PreferencesController.php | 4 ++--
 3 files changed, 12 insertions(+), 6 deletions(-)
diff --git a/app/Http/Controllers/Auth/TwoFactorController.php b/app/Http/Controllers/Auth/TwoFactorController.php
index d48f5906f2..bf3b425161 100644
--- a/app/Http/Controllers/Auth/TwoFactorController.php
+++ b/app/Http/Controllers/Auth/TwoFactorController.php
@@ -17,6 +17,7 @@ use Carbon\Carbon;
 use FireflyIII\Exceptions\FireflyException;
 use FireflyIII\Http\Controllers\Controller;
 use FireflyIII\Http\Requests\TokenFormRequest;
+use Illuminate\Http\Request;
 use Log;
 use Preferences;
 use Session;
@@ -30,11 +31,14 @@ class TwoFactorController extends Controller
 {
 /**
- * @return mixed
+ * @param Request $request
+ *
+ * @return \Illuminate\Contracts\View\Factory|\Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector|\Illuminate\View\View
 * @throws FireflyException
 */
- public function index()
+ public function index(Request $request)
 {
+ $user = auth()->user();
 // to make sure the validator in the next step gets the secret, we push it in session
@@ -50,7 +54,7 @@ class TwoFactorController extends Controller
 if (strlen(strval($secret)) === 0) {
 throw new FireflyException('Your two factor authentication secret is empty, which it cannot be at this point. Please check the log files.');
 }
- Session::flash('two-factor-secret', $secret);
+ $request->session()->flash('two-factor-secret', $secret);
 return view('auth.two-factor', compact('user', 'title'));
 }
diff --git a/app/Http/Controllers/JavascriptController.php b/app/Http/Controllers/JavascriptController.php
index 719371598e..6e63e57a43 100644
--- a/app/Http/Controllers/JavascriptController.php
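Review bot: The flash of `two-factor-secret` at the end of `index()` in TwoFactorController.php (hunk `@@ -50,7 +54,7 @@`) still relies on the one-request lifetime of flash data to hand the TOTP secret to the validator, so any other session-backed request that arrives between rendering `auth.two-factor` and posting the code drops it. The `keep()` added in `JavascriptController::variables()` covers only that one route, and the `Session::flash('two-factor-secret', $secret)` context line in the PreferencesController hunk has the same dependency. A sturdier shape is `$request->session()->put('two-factor-secret', $secret);` here, with a `forget('two-factor-secret')` once the code has been verified, which also bounds how long the secret sits in session storage. The part of `index()` where `$secret` is loaded lies between the hunks and is not visible, so it is worth confirming whether the validator could read the secret from that source directly instead.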
+++ b/app/Http/Controllers/JavascriptController.php
@@ -13,6 +13,7 @@ namespace FireflyIII\Http\Controllers;
 use Amount;
 use FireflyIII\Exceptions\FireflyException;
+use Illuminate\Http\Request;
 use Navigation;
 use Preferences;
 use Session;
@@ -28,7 +29,7 @@ class JavascriptController extends Controller
 /**
 *
 */
- public function variables()
+ public function variables(Request $request)
 {
 $picker = $this->getDateRangePicker();
 $start = Session::get('start');
@@ -52,6 +53,7 @@ class JavascriptController extends Controller
 'localeconv' => $localeconv,
 'language' => $lang,
 ];
+ $request->session()->keep(['two-factor-secret']);
 return response()
 ->view('javascript.variables', $data, 200)
diff --git a/app/Http/Controllers/PreferencesController.php b/app/Http/Controllers/PreferencesController.php
index f4bd94c4b5..4373d61204 100644
--- a/app/Http/Controllers/PreferencesController.php
+++ b/app/Http/Controllers/PreferencesController.php
@@ -56,9 +56,9 @@ class PreferencesController extends Controller
 {
 $domain = $this->getDomain();
 /** @noinspection PhpMethodParametersCountMismatchInspection */
- $secret = $google2fa->generateSecretKey(16, auth()->user()->id);
+ $secret = $google2fa->generateSecretKey(32, auth()->user()->id);
 Session::flash('two-factor-secret', $secret);
- $image = $google2fa->getQRCodeInline('Firefly III at ' . $domain, null, $secret, 150);
+ $image = $google2fa->getQRCodeInline('Firefly III at ' . $domain, auth()->user()->email, $secret, 150);
 return view('preferences.code', compact('image'));
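Review bot: Nothing at the new `$request->session()->keep(['two-factor-secret']);` line in `JavascriptController::variables()` (hunk `@@ -52,6 +53,7 @@`) explains why a general script endpoint touches two-factor state, and the method's docblock is still empty. A comment such as `// re-flash the 2FA secret: this request would otherwise use up its one-request flash lifetime before the code is posted` would keep the line from being removed later as dead code; the reason is inferred from the commit, so confirm it against issue #572. The call is unconditional, so the secret stays in session storage for as long as the client keeps requesting this route, and clearing the key once verification succeeds would bound that. The method also now mixes `Session::get('start')` with `$request->session()`, and the rest of `variables()` lies outside the hunks shown.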