github.com/matomo-org/matomo.git - Unnamed repository; edit this file 'description' to name the repository.
authorPeter Zhang <peter@innocraft.com>2021-10-13 03:54:31 +0300
committerGitHub <noreply@github.com>2021-10-13 03:54:31 +0300
commite4a7b579622da9f585a9e662efc114b08b6fe08d (patch)
treea865e8af116e2a929a583e91910dce57fb628207 /plugins/TwoFactorAuth
parentf1cba6a5f168bdb3faf64e812b44d591d8afce08 (diff)
More verbose error message when login nonce check fails (#18051)
Diffstat (limited to 'plugins/TwoFactorAuth')
-rw-r--r--plugins/TwoFactorAuth/Controller.php8
1 files changed, 4 insertions, 4 deletions
diff --git a/plugins/TwoFactorAuth/Controller.php b/plugins/TwoFactorAuth/Controller.php
index daa97f21eb..e7936b5202 100644
--- a/plugins/TwoFactorAuth/Controller.php
+++ b/plugins/TwoFactorAuth/Controller.php
@@ -83,7 +83,8 @@ class Controller extends \Piwik\Plugin\Controller
$form->removeAttribute('action'); // remove action attribute, otherwise hash part will be lost
if ($form->validate()) {
$nonce = $form->getSubmitValue('form_nonce');
- if ($nonce && Nonce::verifyNonce(self::LOGIN_2FA_NONCE, $nonce) && $form->validate()) {
+ $messageNoAccess = Nonce::verifyNonceWithErrorMessage(self::LOGIN_2FA_NONCE, $nonce);
+ if ($nonce && $messageNoAccess === "" && $form->validate()) {
$authCode = $form->getSubmitValue('form_authcode');
if ($authCode && is_string($authCode)) {
$authCode = str_replace('-', '', $authCode);
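Review bot: `Nonce::verifyNonceWithErrorMessage()` is now called with `$nonce` before the `$nonce &&` truthiness test on the following line, and unlike `$authCode` two lines below there is no `is_string` guard, so a missing or array-valued `form_nonce` is handed straight to the helper. The branch still fails closed, but with the `else` removed in the next hunk a falsy `$nonce` only yields a visible error if the helper itself rejects empty input, which cannot be confirmed from this hunk. Normalising first, e.g. `$nonce = is_string($nonce) ? $nonce : '';` directly after `getSubmitValue('form_nonce')`, keeps the helper's input well-typed. The removed message embedded raw `<a>` markup, which suggests the template prints `$messageNoAccess` unescaped; if the helper's messages ever include request-derived values (referrer, Origin), they should be escaped before being returned. The enclosing method starts and ends outside the hunk.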
@@ -106,8 +107,6 @@ class Controller extends \Piwik\Plugin\Controller
// ignore error eg if login plugin is disabled
}
}
- } else {
- $messageNoAccess = Piwik::translate('Login_InvalidNonceOrHeadersOrReferrer', array('<a target="_blank" rel="noreferrer noopener" href="https://matomo.org/faq/how-to-install/#faq_98">', '</a>'));
}
}
$superUsers = Request::processRequest('UsersManager.getUsersHavingSuperUserAccess', [], []);
@@ -288,7 +287,8 @@ class Controller extends \Piwik\Plugin\Controller
$this->validator->check2FaEnabled();
$regenerateNonce = Common::getRequestVar('regenerateNonce', '', 'string', $_POST);
- $postedValidNonce = !empty($regenerateNonce) && Nonce::verifyNonce(self::REGENERATE_CODES_2FA_NONCE, $regenerateNonce);
+ $postedValidNonce = !empty($regenerateNonce) && Nonce::verifyNonce(self::REGENERATE_CODES_2FA_NONCE,
+ $regenerateNonce);
$regenerateSuccess = false;
$regenerateError = false;