fix: backup codes
This commit is contained in:
parent
db321db0fb
commit
a77526cab1
1 changed files with 13 additions and 3 deletions
|
@ -3788,6 +3788,16 @@ App::put('/v1/account/mfa/challenge')
|
||||||
default => false
|
default => false
|
||||||
};
|
};
|
||||||
|
|
||||||
|
if (!$success && $provider === 'totp') {
|
||||||
|
$backups = $user->getAttribute('mfaBackups', []);
|
||||||
|
if (in_array($otp, $backups)) {
|
||||||
|
$success = true;
|
||||||
|
$backups = array_diff($backups, [$otp]);
|
||||||
|
$user->setAttribute('mfaBackups', $backups);
|
||||||
|
$dbForProject->updateDocument('users', $user->getId(), $user);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if (!$success) {
|
if (!$success) {
|
||||||
throw new Exception(Exception::USER_INVALID_TOKEN);
|
throw new Exception(Exception::USER_INVALID_TOKEN);
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue