Merge branch 'fix-2fa-token-timeout-2791' into 'v2.0'
Fix #2791 (broken portal after 2FA timeout) See merge request lemonldap-ng/lemonldap-ng!287
commit
6f4ae3552c
|
@ -433,9 +433,16 @@ sub _choice {
|
|||
my $session;
|
||||
unless ( $session = $self->ott->getToken($token) ) {
|
||||
$self->userLogger->info('Token expired');
|
||||
$req->noLoginDisplay(1);
|
||||
return $self->p->do( $req, [ sub { PE_TOKENEXPIRED } ] );
|
||||
}
|
||||
|
||||
unless ( $session->{_2fRealSession} ) {
|
||||
$self->logger->error("Invalid 2FA session token");
|
||||
$req->noLoginDisplay(1);
|
||||
return $self->p->do( $req, [ sub { PE_ERROR } ] );
|
||||
}
|
||||
|
||||
$req->sessionInfo($session);
|
||||
|
||||
# New token
|
||||
|
|
|
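Review bot: The `_2fRealSession` guard added to `_choice` reports a rejected token only through `$self->logger->error("Invalid 2FA session token")`, while the expired-token branch just above it writes to `$self->userLogger`. A token that resolves but was not issued by the 2FA flow is an event an auditor would want in the user log too, so consider adding `$self->userLogger->warn('Token is not a 2FA session token');` before the return. A short comment above the guard would also help, for example `# getToken() succeeded, but only tokens carrying _2fRealSession come from the 2FA flow`; that reading is inferred from the check itself and should be confirmed. The same pair of guards is repeated in `_verify` in the next file section, so a shared helper would keep the two copies aligned. `_choice` starts and ends outside this hunk.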
@ -5,6 +5,7 @@ use Mouse;
|
|||
use Lemonldap::NG::Portal::Main::Constants qw(
|
||||
PE_SENDRESPONSE
|
||||
PE_OK
|
||||
PE_ERROR
|
||||
PE_NOTOKEN
|
||||
PE_TOKENEXPIRED
|
||||
PE_BADCREDENTIALS
|
||||
|
@ -101,9 +102,14 @@ sub _verify {
|
|||
my $session;
|
||||
unless ( $session = $self->ott->getToken($token) ) {
|
||||
$self->userLogger->info('Token expired');
|
||||
$self->setSecurity($req);
|
||||
$req->noLoginDisplay(1);
|
||||
return $self->p->do( $req, [ sub { PE_TOKENEXPIRED } ] );
|
||||
}
|
||||
unless ( $session->{_2fRealSession} ) {
|
||||
$self->logger->error("Invalid 2FA session token");
|
||||
$req->noLoginDisplay(1);
|
||||
return $self->p->do( $req, [ sub { PE_ERROR } ] );
|
||||
}
|
||||
|
||||
# Launch second factor verification
|
||||
my $res = $self->verify( $req, $session );
|
||||
|
|
|
@ -3,7 +3,7 @@ use strict;
|
|||
use IO::String;
|
||||
|
||||
require 't/test-lib.pm';
|
||||
my $maintests = 27;
|
||||
my $maintests = 28;
|
||||
|
||||
SKIP: {
|
||||
eval { require Convert::Base32 };
|
||||
|
@ -186,10 +186,13 @@ SKIP: {
|
|||
),
|
||||
'Post code'
|
||||
);
|
||||
( $host, $url, $query ) =
|
||||
expectForm( $res, '#', undef, 'user', 'password', 'token' );
|
||||
ok( $res->[2]->[0] =~ /<span trmsg="82"><\/span>/, 'Token expired' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
unlike(
|
||||
$res->[2]->[0],
|
||||
qr/input id="userfield"/,
|
||||
'Login form is not displayed'
|
||||
);
|
||||
|
||||
# Try to sign-in
|
||||
ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Menu', );
|
||||
|
|
|
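Review bot: The added `unlike` assertion covers only the expired-token response (`trmsg="82"`); nothing in this hunk exercises the new `_2fRealSession` branch, which returns `PE_ERROR` when a token resolves but is not a 2FA session token. A case that checks for the error page without the login form on that path would pin the branch; the rest of the test file is outside the hunk, so such a case may already exist elsewhere. The `ok( ... =~ /.../ ) or print STDERR Dumper(...)` line could become `like( $res->[2]->[0], qr/<span trmsg="82"><\/span>/, 'Token expired' );`, which reports the mismatching body on failure without the Dumper fallback. Both points apply equally to the second test file below.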
@ -4,7 +4,7 @@ use IO::String;
|
|||
use JSON qw/from_json to_json/;
|
||||
|
||||
require 't/test-lib.pm';
|
||||
my $maintests = 30;
|
||||
my $maintests = 31;
|
||||
|
||||
SKIP: {
|
||||
eval { require Convert::Base32 };
|
||||
|
@ -187,10 +187,14 @@ SKIP: {
|
|||
),
|
||||
'Post code'
|
||||
);
|
||||
( $host, $url, $query ) =
|
||||
expectForm( $res, '#', undef, 'user', 'password', 'token' );
|
||||
|
||||
ok( $res->[2]->[0] =~ /<span trmsg="82"><\/span>/, 'Token expired' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
unlike(
|
||||
$res->[2]->[0],
|
||||
qr/input id="userfield"/,
|
||||
'Login form is not displayed'
|
||||
);
|
||||
|
||||
# Try to sign-in
|
||||
ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Menu', );
|
||||
|
|