Merge branch 'fix-2fa-token-timeout-2791' into 'v2.0'
Fix #2791 (broken portal after 2FA timeout) See merge request lemonldap-ng/lemonldap-ng!287
commit
6f4ae3552c
|
@ -433,9 +433,16 @@ sub _choice {
|
||||||
my $session;
|
my $session;
|
||||||
unless ( $session = $self->ott->getToken($token) ) {
|
unless ( $session = $self->ott->getToken($token) ) {
|
||||||
$self->userLogger->info('Token expired');
|
$self->userLogger->info('Token expired');
|
||||||
|
$req->noLoginDisplay(1);
|
||||||
return $self->p->do( $req, [ sub { PE_TOKENEXPIRED } ] );
|
return $self->p->do( $req, [ sub { PE_TOKENEXPIRED } ] );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
unless ( $session->{_2fRealSession} ) {
|
||||||
|
$self->logger->error("Invalid 2FA session token");
|
||||||
|
$req->noLoginDisplay(1);
|
||||||
|
return $self->p->do( $req, [ sub { PE_ERROR } ] );
|
||||||
|
}
|
||||||
|
|
||||||
$req->sessionInfo($session);
|
$req->sessionInfo($session);
|
||||||
|
|
||||||
# New token
|
# New token
|
||||||
|
|
|
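Review bot: The new `_2fRealSession` rejection in `_choice` is logged only through `$self->logger->error`, while the expired-token case just above it goes through `$self->userLogger`. A token that `getToken` accepted but that carries no `_2fRealSession` is an event an operator would want to see next to the other per-user authentication events. If `userLogger` is the channel used for those here, add `$self->userLogger->warn('Invalid 2FA session token');` alongside the existing error line. The same block is added to `_verify` in the next file and has the same gap. `_choice` starts and ends outside this hunk.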
@ -5,6 +5,7 @@ use Mouse;
|
||||||
use Lemonldap::NG::Portal::Main::Constants qw(
|
use Lemonldap::NG::Portal::Main::Constants qw(
|
||||||
PE_SENDRESPONSE
|
PE_SENDRESPONSE
|
||||||
PE_OK
|
PE_OK
|
||||||
|
PE_ERROR
|
||||||
PE_NOTOKEN
|
PE_NOTOKEN
|
||||||
PE_TOKENEXPIRED
|
PE_TOKENEXPIRED
|
||||||
PE_BADCREDENTIALS
|
PE_BADCREDENTIALS
|
||||||
|
@ -101,9 +102,14 @@ sub _verify {
|
||||||
my $session;
|
my $session;
|
||||||
unless ( $session = $self->ott->getToken($token) ) {
|
unless ( $session = $self->ott->getToken($token) ) {
|
||||||
$self->userLogger->info('Token expired');
|
$self->userLogger->info('Token expired');
|
||||||
$self->setSecurity($req);
|
$req->noLoginDisplay(1);
|
||||||
return $self->p->do( $req, [ sub { PE_TOKENEXPIRED } ] );
|
return $self->p->do( $req, [ sub { PE_TOKENEXPIRED } ] );
|
||||||
}
|
}
|
||||||
|
unless ( $session->{_2fRealSession} ) {
|
||||||
|
$self->logger->error("Invalid 2FA session token");
|
||||||
|
$req->noLoginDisplay(1);
|
||||||
|
return $self->p->do( $req, [ sub { PE_ERROR } ] );
|
||||||
|
}
|
||||||
|
|
||||||
# Launch second factor verification
|
# Launch second factor verification
|
||||||
my $res = $self->verify( $req, $session );
|
my $res = $self->verify( $req, $session );
|
||||||
|
|
|
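Review bot: The `unless ( $session->{_2fRealSession} )` guard added to `_verify` has no comment saying what it protects against, and the message "Invalid 2FA session token" does not say it either. If the intent is to refuse a token that `getToken` returned but that was not created for a pending second-factor login, say so above the check, for example `# Refuse one-time tokens that do not reference a pending 2FA session`. The same comment fits the identical guard in `_choice`. `_verify` begins and continues outside the hunk.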
@ -3,7 +3,7 @@ use strict;
|
||||||
use IO::String;
|
use IO::String;
|
||||||
|
|
||||||
require 't/test-lib.pm';
|
require 't/test-lib.pm';
|
||||||
my $maintests = 27;
|
my $maintests = 28;
|
||||||
|
|
||||||
SKIP: {
|
SKIP: {
|
||||||
eval { require Convert::Base32 };
|
eval { require Convert::Base32 };
|
||||||
|
@ -186,10 +186,13 @@ SKIP: {
|
||||||
),
|
),
|
||||||
'Post code'
|
'Post code'
|
||||||
);
|
);
|
||||||
( $host, $url, $query ) =
|
|
||||||
expectForm( $res, '#', undef, 'user', 'password', 'token' );
|
|
||||||
ok( $res->[2]->[0] =~ /<span trmsg="82"><\/span>/, 'Token expired' )
|
ok( $res->[2]->[0] =~ /<span trmsg="82"><\/span>/, 'Token expired' )
|
||||||
or print STDERR Dumper( $res->[2]->[0] );
|
or print STDERR Dumper( $res->[2]->[0] );
|
||||||
|
unlike(
|
||||||
|
$res->[2]->[0],
|
||||||
|
qr/input id="userfield"/,
|
||||||
|
'Login form is not displayed'
|
||||||
|
);
|
||||||
|
|
||||||
# Try to sign-in
|
# Try to sign-in
|
||||||
ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Menu', );
|
ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Menu', );
|
||||||
|
|
|
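Review bot: The added `unlike` covers only the expired-token response; nothing in the visible test hunks drives the new `_2fRealSession` branch that returns `PE_ERROR`. A case that presents a still-valid one-time token lacking `_2fRealSession`, and then checks that the response shows neither the login form nor an authenticated menu, would pin the behaviour the guard was added for. This applies equally to the second test file changed below. The `SKIP` block extends beyond the hunk, so such a case may already exist outside it.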
@ -4,7 +4,7 @@ use IO::String;
|
||||||
use JSON qw/from_json to_json/;
|
use JSON qw/from_json to_json/;
|
||||||
|
|
||||||
require 't/test-lib.pm';
|
require 't/test-lib.pm';
|
||||||
my $maintests = 30;
|
my $maintests = 31;
|
||||||
|
|
||||||
SKIP: {
|
SKIP: {
|
||||||
eval { require Convert::Base32 };
|
eval { require Convert::Base32 };
|
||||||
|
@ -187,10 +187,14 @@ SKIP: {
|
||||||
),
|
),
|
||||||
'Post code'
|
'Post code'
|
||||||
);
|
);
|
||||||
( $host, $url, $query ) =
|
|
||||||
expectForm( $res, '#', undef, 'user', 'password', 'token' );
|
|
||||||
ok( $res->[2]->[0] =~ /<span trmsg="82"><\/span>/, 'Token expired' )
|
ok( $res->[2]->[0] =~ /<span trmsg="82"><\/span>/, 'Token expired' )
|
||||||
or print STDERR Dumper( $res->[2]->[0] );
|
or print STDERR Dumper( $res->[2]->[0] );
|
||||||
|
unlike(
|
||||||
|
$res->[2]->[0],
|
||||||
|
qr/input id="userfield"/,
|
||||||
|
'Login form is not displayed'
|
||||||
|
);
|
||||||
|
|
||||||
# Try to sign-in
|
# Try to sign-in
|
||||||
ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Menu', );
|
ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Menu', );
|
||||||
|
|
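Review bot: The negative assertion `qr/input id="userfield"/` passes whenever that exact byte sequence is absent, so it would keep passing if the template ever emitted the field with another attribute before `id`. Matching on the attribute alone, `qr/id="userfield"/`, makes the check fail as soon as the login field is rendered in any form. The identical assertion in the previous test file would take the same change.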