authorFrederic Guillot <fred@kanboard.net>2015-03-31 22:48:14 -0400
committerFrederic Guillot <fred@kanboard.net>2015-03-31 22:48:14 -0400
commitabeeba71672a711dab98194bb8ae751ee95e3385 (patch)
tree26838682b1ab13611b9697d1b8900122409dbf47 /app/Controller/Base.php
parent5d393ed9962ebe18a162cb09b08eaea9359df2cc (diff)
Add two factor authentication
Diffstat (limited to 'app/Controller/Base.php')
-rw-r--r--app/Controller/Base.php21
1 files changed, 21 insertions, 0 deletions
diff --git a/app/Controller/Base.php b/app/Controller/Base.php
index 6420e0ee..f498c3ce 100644
--- a/app/Controller/Base.php
+++ b/app/Controller/Base.php
@@ -176,6 +176,7 @@ abstract class Base
if (! $this->acl->isPublicAction($controller, $action)) {
$this->handleAuthentication();
+ $this->handle2FA($controller, $action);
$this->handleAuthorization($controller, $action);
$this->session['has_subtask_inprogress'] = $this->subtask->hasSubtaskInProgress($this->userSession->getId());
@@ -200,6 +201,26 @@ abstract class Base
}
/**
+ * Check 2FA
+ *
+ * @access public
+ */
+ public function handle2FA($controller, $action)
+ {
+ $controllers = array('twofactor', 'user');
+ $actions = array('code', 'check', 'logout');
+
+ if ($this->userSession->has2FA() && ! $this->userSession->check2FA() && ! in_array($controller, $controllers) && ! in_array($action, $actions)) {
+
+ if ($this->request->isAjax()) {
+ $this->response->text('Not Authorized', 401);
+ }
+
+ $this->response->redirect($this->helper->url('twofactor', 'code', array('user_id' => $user['id'])));
+ }
+ }
+
+ /**
* Check page access and authorization
*
* @access public
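Review bot: The exemption test in `handle2FA` checks the controller list and the action list independently, so a session that has passed the password step but not the second factor skips the check for every action of the `user` and `twofactor` controllers, and for any action named `code`, `check` or `logout` on any controller. Exempting exact controller/action pairs with a strict comparison closes that gap; the pairs in the sketch below are assumed from the two lists and need confirming against the real routes. Separately, `$user` is never defined in this method, so the redirect is built with a null `user_id`; `$this->userSession->getId()`, which the first hunk's context already calls, looks like the intended value. Whether `$this->response->text()` ends the request is not visible here; if it does not, the Ajax branch falls through to the redirect and should return explicitly.

```php
public function handle2FA($controller, $action)
{
    // Only these exact controller/action pairs stay reachable before the second factor is verified.
    // Pairs assumed from the original lists; confirm against the routes.
    $exempt = array(
        'twofactor' => array('code', 'check'),
        'user' => array('logout'),
    );

    $is_exempt = isset($exempt[$controller]) && in_array($action, $exempt[$controller], true);

    if ($this->userSession->has2FA() && ! $this->userSession->check2FA() && ! $is_exempt) {
        // … unchanged: Ajax 401 response …
        $this->response->redirect($this->helper->url('twofactor', 'code', array('user_id' => $this->userSession->getId())));
    }
}
```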