41 lines
1021 B
PHP
41 lines
1021 B
PHP
<?php
|
|
|
|
namespace App\Http\Middleware;
|
|
|
|
use App\Models\UserPref;
|
|
use Closure;
|
|
use LibreNMS\Config;
|
|
|
|
class VerifyTwoFactor
|
|
{
|
|
/**
|
|
* Handle an incoming request.
|
|
*
|
|
* @param \Illuminate\Http\Request $request
|
|
* @param \Closure $next
|
|
* @return mixed
|
|
*/
|
|
public function handle($request, Closure $next)
|
|
{
|
|
// check twofactor
|
|
if (Config::get('twofactor') === true) {
|
|
// don't apply on 2fa checking routes
|
|
if (starts_with($request->route()->getName(), '2fa.')) {
|
|
return $next($request);
|
|
}
|
|
|
|
$twofactor = $request->session()->get('twofactoradd', UserPref::getPref($request->user(), 'twofactor'));
|
|
|
|
if (!empty($twofactor)) {
|
|
// user has 2fa enabled
|
|
if (!$request->session()->get('twofactor')) {
|
|
// verification is needed
|
|
return redirect('/2fa');
|
|
}
|
|
}
|
|
}
|
|
|
|
return $next($request);
|
|
}
|
|
}
|