Add two factor authentication

1 files changed, 27 insertions, 0 deletions

diff --git a/app/Model/UserSession.php b/app/Model/UserSession.php
index 6d9a2ebc..efb02722 100644
--- a/app/Model/UserSession.php
+++ b/app/Model/UserSession.php
@@ -28,15 +28,42 @@ class UserSession extends Base
             unset($user['password']);
         }
 
+        if (isset($user['twofactor_secret'])) {
+            unset($user['twofactor_secret']);
+        }
+
         $user['id'] = (int) $user['id'];
         $user['default_project_id'] = (int) $user['default_project_id'];
         $user['is_admin'] = (bool) $user['is_admin'];
         $user['is_ldap_user'] = (bool) $user['is_ldap_user'];
+        $user['twofactor_activated'] = (bool) $user['twofactor_activated'];
 
         $this->session['user'] = $user;
     }
 
     /**
+     * Return true if the user has validated the 2FA key
+     *
+     * @access public
+     * @return bool
+     */
+    public function check2FA()
+    {
+        return isset($this->session['2fa_validated']) && $this->session['2fa_validated'] === true;
+    }
+
+    /**
+     * Return true if the user has 2FA enabled
+     *
+     * @access public
+     * @return bool
+     */
+    public function has2FA()
+    {
+        return isset($this->session['user']['twofactor_activated']) && $this->session['user']['twofactor_activated'] === true;
+    }
+
+    /**
      * Return true if the logged user is admin
      *
      * @access public