PR review changes
parent
ae77a2466b
commit
d4e4337c57
|
@ -3788,7 +3788,7 @@ App::patch('/v1/account/mfa/recovery-codes')
|
|||
$queueForEvents->setParam('userId', $user->getId());
|
||||
|
||||
$document = new Document([
|
||||
'recoveryCodes' => $mfaRecoveryCodes
|
||||
'recoveryCodes' => $mfaRecoveryCodes
|
||||
]);
|
||||
|
||||
$response->dynamic($document, Response::MODEL_MFA_RECOVERY_CODES);
|
||||
|
|
|
@ -1711,7 +1711,7 @@ App::put('/v1/users/:userId/mfa/recovery-codes')
|
|||
$queueForEvents->setParam('userId', $user->getId());
|
||||
|
||||
$document = new Document([
|
||||
'recoveryCodes' => $mfaRecoveryCodes
|
||||
'recoveryCodes' => $mfaRecoveryCodes
|
||||
]);
|
||||
|
||||
$response->dynamic($document, Response::MODEL_MFA_RECOVERY_CODES);
|
||||
|
|
|
@ -13,17 +13,17 @@ App::init()
|
|||
->groups(['mfaProtected'])
|
||||
->inject('session')
|
||||
->action(function (Document $session) {
|
||||
$isSessionSafe = false;
|
||||
$isSessionFresh = false;
|
||||
|
||||
$lastUpdate = $session->getAttribute('mfaUpdatedAt');
|
||||
if (!empty($lastUpdate)) {
|
||||
$now = DateTime::now();
|
||||
$maxAllowedDate = DateTime::addSeconds($lastUpdate, Auth::MFA_RECENT_DURATION); // Maximum date until session is considered safe before asking for another challenge
|
||||
|
||||
$isSessionSafe = DateTime::formatTz($maxAllowedDate) >= DateTime::formatTz($now);
|
||||
$isSessionFresh = DateTime::formatTz($maxAllowedDate) >= DateTime::formatTz($now);
|
||||
}
|
||||
|
||||
if (!$isSessionSafe) {
|
||||
if (!$isSessionFresh) {
|
||||
throw new Exception(Exception::USER_CHALLENGE_REQUIRED);
|
||||
}
|
||||
});
|
||||
|
|
|
@ -89,7 +89,7 @@ class Auth
|
|||
/**
|
||||
* MFA
|
||||
*/
|
||||
public const MFA_RECENT_DURATION = 600; // 5 minutes
|
||||
public const MFA_RECENT_DURATION = 1800; // 30 mins
|
||||
|
||||
/**
|
||||
* @var string
|
||||
|
|
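Review bot: The `MFA_RECENT_DURATION` change triples the window in which a session counts as MFA-fresh (assuming `1800` is the new side, since the page prints the `600` line first), and nothing beside the constant records its unit or what it gates. In the `mfaProtected` init hook shown on this page the value is passed to `DateTime::addSeconds` and decides whether `USER_CHALLENGE_REQUIRED` is thrown, so a larger value lengthens the time an unattended or taken-over session can reach MFA-protected routes without a new challenge. I would record that on the constant, e.g. `public const MFA_RECENT_DURATION = 1800; // seconds (30 min) a completed MFA challenge stays fresh for 'mfaProtected' routes`. The other line pairs `600` with a "5 minutes" comment, so spelling out the unit also guards against that kind of drift. The `Auth` class body continues outside the hunk.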