
Commit b91ab05

committed
feat: add event for skipping two-factor authentication verification
1 parent 3c89c1e commit b91ab05


2 files changed

+16
-1
lines changed


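--- a/src/Controller/Traits/OneTimePasswordVerifyTrait.php
+++ b/src/Controller/Traits/OneTimePasswordVerifyTrait.php
@@ -16,6 +16,7 @@
 use Cake\Core\Configure;
 use CakeDC\Auth\Authentication\AuthenticationService;
 use CakeDC\Auth\Authenticator\TwoFactorAuthenticator;
+use CakeDC\Users\UsersPlugin;
 
 trait OneTimePasswordVerifyTrait
 {
@@ -43,6 +44,15 @@ public function verify()
 $temporarySession = $this->getRequest()->getSession()->read(
 AuthenticationService::TWO_FACTOR_VERIFY_SESSION_KEY,
 );
+
+$event = $this->dispatchEvent(UsersPlugin::EVENT_2FA_SKIP_VERIFY, ['user' => $temporarySession]);
+if ($event->getResult() === true) {
+$this->getRequest()->getSession()->delete(AuthenticationService::TWO_FACTOR_VERIFY_SESSION_KEY);
+$this->getRequest()->getSession()->write(TwoFactorAuthenticator::USER_SESSION_KEY, $temporarySession);
+
+return $this->redirect($loginAction);
+}
+
 $secretVerified = $temporarySession['secret_verified'] ?? null;
 // showing QR-code until shared secret is verified
 if (!$secretVerified) {
@@ -55,7 +65,10 @@ public function verify()
 $temporarySession['email'],
 $secret,
 );
-$this->set(['secretDataUri' => $secretDataUri]);
+$this->set([
+'secretDataUri' => $secretDataUri,
+'secret' => $secret,
+]);
 }
 
 if ($this->getRequest()->is('post')) {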
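Review bot: The skip branch in verify() promotes `$temporarySession` to `TwoFactorAuthenticator::USER_SESSION_KEY` without checking that it holds a pending first-factor login, so a listener that returns `true` on a request with no such session entry receives `'user' => null` and the branch still runs. Unless a guard sits above the hunk (verify() starts outside it), the condition should be `if (!empty($temporarySession) && $event->getResult() === true) {`. Because a `true` result completes the login with no second factor, the branch should also write an audit log entry and carry a comment such as `// Listener returned true: second factor intentionally skipped; listeners must decide from the passed user, not from request data alone.` The same contract belongs in a docblock on `EVENT_2FA_SKIP_VERIFY` in src/UsersPlugin.php, which is added there without any description. In the last hunk the raw TOTP `secret` becomes a view variable next to `secretDataUri`, so templates rendering it need to escape it and the enrolment page should presumably be served non-cacheable.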

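--- a/src/UsersPlugin.php
+++ b/src/UsersPlugin.php
@@ -48,6 +48,8 @@ class UsersPlugin extends BasePlugin
 public const EVENT_AFTER_RESEND_TOKEN_VALIDATION = 'Users.Global.afterResendTokenValidation';
 public const EVENT_AFTER_EMAIL_TOKEN_VALIDATION = 'Users.Global.afterEmailTokenValidation';
 
+public const EVENT_2FA_SKIP_VERIFY = 'Users.TwoFactor.skipVerify';
+
 public const DEPRECATED_MESSAGE_U2F =
 'U2F is no longer supported by chrome, we suggest using Webauthn as a replacement';
 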