llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-07-08 00:50:28 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: fix issue that admin cannot enable MFA for user (#2702)

Browse Source
This commit is contained in:
Yaodong Yu
2024-02-14 23:29:04 +08:00
committed by GitHub
parent 7481b229a4
commit f35a5f9a47
2 changed files with 32 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
controllers/mfa.go
View File

@ -110,7 +110,7 @@ func (c *ApiController) MfaSetupVerify() {
return return
} }
config.Secret = secret.(string) config.Secret = secret.(string)
} else if mfaType == object.EmailType || mfaType == object.SmsType { } else if mfaType == object.SmsType {
dest := c.GetSession(MfaDestSession) dest := c.GetSession(MfaDestSession)
if dest == nil { if dest == nil {
c.ResponseError("destination is missing") c.ResponseError("destination is missing")
@ -123,6 +123,13 @@ func (c *ApiController) MfaSetupVerify() {
return return
} }
config.CountryCode = countryCode.(string) config.CountryCode = countryCode.(string)
} else if mfaType == object.EmailType {
dest := c.GetSession(MfaDestSession)
if dest == nil {
c.ResponseError("destination is missing")
return
}
config.Secret = dest.(string)
} }
mfaUtil := object.GetMfaUtil(mfaType, config) mfaUtil := object.GetMfaUtil(mfaType, config)
@ -175,19 +182,30 @@ func (c *ApiController) MfaSetupEnable() {
return return
} }
config.Secret = secret.(string) config.Secret = secret.(string)
} else if mfaType == object.EmailType || mfaType == object.SmsType { } else if mfaType == object.EmailType {
dest := c.GetSession(MfaDestSession) if user.Email == "" {
if dest == nil { dest := c.GetSession(MfaDestSession)
c.ResponseError("destination is missing") if dest == nil {
return c.ResponseError("destination is missing")
return
}
user.Email = dest.(string)
} }
config.Secret = dest.(string) } else if mfaType == object.SmsType {
countryCode := c.GetSession(MfaCountryCodeSession) if user.Phone == "" {
if countryCode == nil { dest := c.GetSession(MfaDestSession)
c.ResponseError("country code is missing") if dest == nil {
return c.ResponseError("destination is missing")
return
}
user.Phone = dest.(string)
countryCode := c.GetSession(MfaCountryCodeSession)
if countryCode == nil {
c.ResponseError("country code is missing")
return
}
user.CountryCode = countryCode.(string)
} }
config.CountryCode = countryCode.(string)
} }
recoveryCodes := c.GetSession(MfaRecoveryCodesSession) recoveryCodes := c.GetSession(MfaRecoveryCodesSession)
if recoveryCodes == nil { if recoveryCodes == nil {

15
object/mfa_sms.go
View File

@ -52,21 +52,10 @@ func (mfa *SmsMfa) Enable(user *User) error {
if mfa.MfaType == SmsType { if mfa.MfaType == SmsType {
user.MfaPhoneEnabled = true user.MfaPhoneEnabled = true
columns = append(columns, "mfa_phone_enabled") columns = append(columns, "mfa_phone_enabled", "phone", "country_code")
if user.Phone == "" {
user.Phone = mfa.Secret
user.CountryCode = mfa.CountryCode
columns = append(columns, "phone", "country_code")
}
} else if mfa.MfaType == EmailType { } else if mfa.MfaType == EmailType {
user.MfaEmailEnabled = true user.MfaEmailEnabled = true
columns = append(columns, "mfa_email_enabled") columns = append(columns, "mfa_email_enabled", "email")
if user.Email == "" {
user.Email = mfa.Secret
columns = append(columns, "email")
}
} }
_, err := UpdateUser(user.GetId(), user, columns, false) _, err := UpdateUser(user.GetId(), user, columns, false)