
Improve logic for recovery code factor

Matej Bačo 2024-04-11 07:52:54 +00:00
parent b5b8aa5302
commit 65115f876c
2 changed files with 13 additions and 4 deletions


@ -3521,13 +3521,16 @@ App::get('/v1/account/mfa/factors')
->inject('user')
->action(function (Response $response, Document $user) {
$mfaRecoveryCodes = $user->getAttribute('mfaRecoveryCodes', []);
$recoveryCodeEnabled = \is_array($mfaRecoveryCodes) && \count($mfaRecoveryCodes) > 0;
$totp = TOTP::getAuthenticatorFromUser($user);
$factors = new Document([
Type::TOTP => $totp !== null && $totp->getAttribute('verified', false),
Type::EMAIL => $user->getAttribute('email', false) && $user->getAttribute('emailVerification', false),
Type::PHONE => $user->getAttribute('phone', false) && $user->getAttribute('phoneVerification', false),
Type::RECOVERY_CODE => true
Type::RECOVERY_CODE => $recoveryCodeEnabled
]);
$response->dynamic($factors, Response::MODEL_MFA_FACTORS);
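Review bot: `$recoveryCodeEnabled` only changes what `/v1/account/mfa/factors` reports, and nothing visible here shows the code that creates or verifies a recovery-code challenge applying the same test, so the listing and the enforcement may disagree for an account with no codes; it is worth confirming that path rejects the recovery-code factor when `mfaRecoveryCodes` is empty. The check also assumes spent codes are removed from the attribute, since a non-empty array of already-used codes would still report the factor as available; that is not visible in this hunk. I would add a comment above the assignment, `// Recovery codes are reported as a factor only when the account still holds at least one code.`, and a test covering a user with an empty `mfaRecoveryCodes`. The action closure continues past the end of the hunk.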


@ -13,19 +13,25 @@ class MFAFactors extends Model
$this
->addRule(Type::TOTP, [
'type' => self::TYPE_BOOLEAN,
'description' => 'TOTP',
'description' => 'Can TOTP be used for MFA challenge for this account.',
'default' => false,
'example' => true
])
->addRule(Type::PHONE, [
'type' => self::TYPE_BOOLEAN,
'description' => 'Phone',
'description' => 'Can phone (SMS) be used for MFA challenge for this account.',
'default' => false,
'example' => true
])
->addRule(Type::EMAIL, [
'type' => self::TYPE_BOOLEAN,
'description' => 'Email',
'description' => 'Can email be used for MFA challenge for this account.',
'default' => false,
'example' => true
])
->addRule(Type::RECOVERY_CODE, [
'type' => self::TYPE_BOOLEAN,
'description' => 'Can recovery code be used for MFA challenge for this account.',
'default' => false,
'example' => true
])
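Review bot: The four `description` strings on the new side are worded as questions but end with a full stop, and since they presumably feed the generated API reference a declarative form would read better, e.g. `'description' => 'Whether a recovery code can be used for an MFA challenge on this account.',` with the same pattern for TOTP, phone and email. The new `Type::RECOVERY_CODE` rule keeps `'default' => false`, which is consistent with the factor no longer being reported as always available. The enclosing method starts before the hunk and the rule chain is not terminated within it.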