From 67b836164997527b91452b19adbcb8aa3c5decf1 Mon Sep 17 00:00:00 2001
From: Frederic Guillot
Date: Sun, 15 May 2016 18:31:47 -0400
Subject: Refactoring: added controlled middleware and changed response class
---
 app/Controller/Twofactor.php | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)
(limited to 'app/Controller/Twofactor.php')
diff --git a/app/Controller/Twofactor.php b/app/Controller/Twofactor.php
index 10292261..2eb61594 100644
--- a/app/Controller/Twofactor.php
+++ b/app/Controller/Twofactor.php
@@ -2,6 +2,8 @@
 namespace Kanboard\Controller;
+use Kanboard\Core\Controller\AccessForbiddenException;
+
 /**
 * Two Factor Auth controller
 *
@@ -14,11 +16,13 @@ class Twofactor extends User
 * Only the current user can access to 2FA settings
 *
 * @access private
+ * @param array $user
+ * @throws AccessForbiddenException
 */
 private function checkCurrentUser(array $user)
 {
 if ($user['id'] != $this->userSession->getId()) {
- $this->forbidden();
+ throw new AccessForbiddenException();
 }
 }
@@ -145,7 +149,7 @@ class Twofactor extends User
 if ($provider->authenticate()) {
 $this->userSession->validatePostAuthentication();
 $this->flash->success(t('The two factor authentication code is valid.'));
- $this->response->redirect($this->helper->url->to('app', 'index'));
+ $this->response->redirect($this->helper->url->to('DashboardController', 'show'));
 } else {
 $this->flash->failure(t('The two factor authentication code is not valid.'));
 $this->response->redirect($this->helper->url->to('twofactor', 'code'));
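Review bot: The ownership check in `checkCurrentUser()` still compares the ids with the loose `!=`, so the access decision for the 2FA settings depends on PHP type juggling between `$user['id']` and whatever `userSession->getId()` returns. Now that a mismatch raises `AccessForbiddenException`, I would make the comparison strict as well: `if ((int) $user['id'] !== (int) $this->userSession->getId()) {`. The return type of `getId()` is not visible in this hunk, so confirm that a session without an authenticated user cannot yield a value that compares equal to a missing or zero `id`. The docblock opens just above the hunk.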
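Review bot: The failure branch of the code check only sets a flash message and redirects back to `twofactor/code`; nothing visible in this hunk counts failed attempts, so a code could be retried without limit unless a lockout exists elsewhere. The enclosing action starts above the hunk, so this may already be handled there; if it is not, I would record the gap at the `else` branch with `// TODO(security): count failed 2FA attempts and lock the pending session after a threshold`. Separately, the two `redirect()` calls in this action are not returned, while the disable action in the same commit now uses `return $this->response->redirect(...)`; using the same form here would be consistent.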
@@ -188,10 +192,10 @@ class Twofactor extends User
 'twofactor_secret' => '',
 ));
- $this->response->redirect($this->helper->url->to('user', 'show', array('user_id' => $user['id'])));
+ return $this->response->redirect($this->helper->url->to('user', 'show', array('user_id' => $user['id'])));
 }
- $this->response->html($this->helper->layout->user('twofactor/disable', array(
+ return $this->response->html($this->helper->layout->user('twofactor/disable', array(
 'user' => $user,
 )));
 }
-- 
cgit v1.2.3