Commit f37c2399 authored by Christophe Maudoux's avatar Christophe Maudoux 🐛

Update sessionInfo during auth process with 2FA

parent 778ade26
......@@ -299,8 +299,10 @@ sub run {
$req->sessionInfo->{_2fRealSession} = $req->id;
$req->sessionInfo->{_2fUrldc} = $req->urldc;
$req->sessionInfo->{_2fUtime} = $req->{sessionInfo}->{_utime};
if ( $self->conf->{impersonationRule} ) {
$req->sessionInfo->{_impSpoofId} = $spoofId;
$req->sessionInfo->{_impUser} = $req->user;
}
my $token = $self->ott->createToken( $req->sessionInfo );
delete $req->{authResult};
......
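Review bot: The `if ( $self->conf->{impersonationRule} )` block copies `_impSpoofId` and `_impUser` into `sessionInfo` just before the whole hash is serialized by `createToken`, and nothing visible says who consumes these keys after the second factor or when they are removed. The page has lost its +/- markers, so it is not certain which of these lines are new; if this block is part of the change, it deserves a comment such as `# Carried through the 2F token so impersonation survives verification; removed by <consumer>` and a matching cleanup on the restore side. `$spoofId` is defined outside the hunk, so its origin should be confirmed as already validated before it is persisted into the token. As a style point, the `_2fUtime` line mixes `$req->sessionInfo->{...}` with direct `$req->{sessionInfo}->{...}` access; using the accessor on both sides would be consistent with the two lines above it.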
......@@ -10,7 +10,7 @@ use Lemonldap::NG::Portal::Main::Constants qw(
PE_BADCREDENTIALS
);
our $VERSION = '2.0.6';
our $VERSION = '2.0.8';
extends qw(
Lemonldap::NG::Portal::Main::Plugin
......@@ -101,23 +101,23 @@ sub _verify {
# Launch second factor verification
my $res = $self->verify( $req, $session );
# Case error
if ($res) {
$req->noLoginDisplay(1);
# Update sessionInfo
delete $session->{$_}
foreach (qw(tokenSessionStartTimestamp tokenTimeoutTimestamp _type));
$req->sessionInfo($session);
$req->id( delete $req->sessionInfo->{_2fRealSession} );
$req->urldc( delete $req->sessionInfo->{_2fUrldc} );
$req->{sessionInfo}->{_utime} = delete $req->{sessionInfo}->{_2fUtime};
# Case error
if ($res) {
$req->noLoginDisplay(1);
$req->authResult(PE_BADCREDENTIALS);
return $self->p->do( $req,
[ sub { $self->p->storeHistory(@_) }, sub { $res } ] );
}
# Else restore session
$req->sessionInfo($session);
$req->id( delete $req->sessionInfo->{_2fRealSession} );
$req->urldc( delete $req->sessionInfo->{_2fUrldc} );
$req->{sessionInfo}->{_utime} = delete $req->{sessionInfo}->{_2fUtime};
$req->mustRedirect(1);
$self->userLogger->notice( $self->prefix
. '2F verification for '
......
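Review bot: In `_verify`, the `# Update sessionInfo` block appears to run before the `if ($res)` check (read from the commit title and line order, since the +/- markers are lost), so a failed second-factor attempt now also gets `$req->id` set to the real session id and `$req->sessionInfo` repopulated before `storeHistory` runs. If that is intended so the failure is recorded against the right user, state it in a comment such as `# Restore session data first so storeHistory can log a failed 2F attempt; no session is granted on this path`, and confirm that nothing after `PE_BADCREDENTIALS` builds a cookie or redirect from the restored `$req->id` and `$req->urldc`. The restore also assumes `_2fRealSession`, `_2fUrldc` and `_2fUtime` are present in `$session`; a token lacking them would silently set the id and urldc to undef, so a guard like `return PE_ERROR unless $session->{_2fRealSession};` (with whatever error constant the module already imports) is worth considering. The body of `_verify` starts and ends outside the hunk.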