Make sure tokens handled by 2F modules are temporary sessions (#2791)
parent
5e72df3f06
commit
318e08ccc7
|
@ -437,6 +437,12 @@ sub _choice {
|
|||
return $self->p->do( $req, [ sub { PE_TOKENEXPIRED } ] );
|
||||
}
|
||||
|
||||
unless ( $session->{_2fRealSession} ) {
|
||||
$self->logger->error("Invalid 2FA session token");
|
||||
$req->noLoginDisplay(1);
|
||||
return $self->p->do( $req, [ sub { PE_ERROR } ] );
|
||||
}
|
||||
|
||||
$req->sessionInfo($session);
|
||||
|
||||
# New token
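Review bot: The new guard in `_choice` depends entirely on `_2fRealSession` being present in the token data, and nothing on this page shows where that key is written. It is worth confirming that every legitimate 2F token creation path sets it and that no other token type can end up carrying a key of that name. The identical five-line block is also added to `_verify` in the other file; a shared helper would keep the two entry points from drifting and make it harder for a future 2F route to omit the check. A one-line comment above the `unless` would record the intent, e.g. `# Refuse tokens that were not issued as temporary 2F sessions (#2791)`. `_choice` starts and ends outside the hunk.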
|
||||
|
|
|
@ -5,6 +5,7 @@ use Mouse;
|
|||
use Lemonldap::NG::Portal::Main::Constants qw(
|
||||
PE_SENDRESPONSE
|
||||
PE_OK
|
||||
PE_ERROR
|
||||
PE_NOTOKEN
|
||||
PE_TOKENEXPIRED
|
||||
PE_BADCREDENTIALS
|
||||
|
@ -104,6 +105,11 @@ sub _verify {
|
|||
$req->noLoginDisplay(1);
|
||||
return $self->p->do( $req, [ sub { PE_TOKENEXPIRED } ] );
|
||||
}
|
||||
unless ( $session->{_2fRealSession} ) {
|
||||
$self->logger->error("Invalid 2FA session token");
|
||||
$req->noLoginDisplay(1);
|
||||
return $self->p->do( $req, [ sub { PE_ERROR } ] );
|
||||
}
|
||||
|
||||
# Launch second factor verification
|
||||
my $res = $self->verify( $req, $session );
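Review bot: The rejection branch in `_verify` logs only the fixed string "Invalid 2FA session token", which gives an operator nothing to correlate when it fires. A token of the wrong kind reaching a 2F endpoint is plausibly a sign of token misuse, so the line should carry request context but never the token value itself, something like `$self->logger->error( "Invalid 2FA session token from " . $req->address );` if the request object exposes the client address here. The same message is used in the `_choice` hunk. No regression test is visible on this page; one that presents a token lacking `_2fRealSession` to this route and expects `PE_ERROR` would pin the fix. `_verify` begins and ends outside the hunk.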
|
||||
|
|