X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=src%2FWallabag%2FCoreBundle%2FController%2FConfigController.php;h=9257ab18df6ad092422e4003701195cf84c9d0c9;hb=refs%2Fpull%2F3857%2Fhead;hp=2643eed039298d996ff5ebfe90bcb9fc40ed250e;hpb=a0c5eb003f1cbeef10d5620e98870c7556e17c75;p=github%2Fwallabag%2Fwallabag.git
diff --git a/src/Wallabag/CoreBundle/Controller/ConfigController.php b/src/Wallabag/CoreBundle/Controller/ConfigController.php
index 2643eed0..9257ab18 100644
--- a/src/Wallabag/CoreBundle/Controller/ConfigController.php
+++ b/src/Wallabag/CoreBundle/Controller/ConfigController.php
@@ -161,11 +161,9 @@ class ConfigController extends Controller
 /**
 * Enable 2FA using email.
 *
- * @param Request $request
- *
 * @Route("/config/otp/email", name="config_otp_email")
 */
- public function otpEmailAction(Request $request)
+ public function otpEmailAction()
 {
 if (!$this->getParameter('twofactor_auth')) {
 return $this->createNotFoundException('two_factor not enabled');
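Review bot: The guard kept as context at the end of this hunk does `return $this->createNotFoundException('two_factor not enabled');`, which hands the exception object back as the controller result instead of raising it, so a request with two-factor disabled most likely ends in a controller-return error rather than a clean 404. It should read `throw $this->createNotFoundException('two_factor not enabled');`. The rest of otpEmailAction lies outside the hunk, so whether the same pattern recurs further down cannot be seen from here.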
@@ -199,18 +197,25 @@ class ConfigController extends Controller
 }
 $user = $this->getUser();
+ $secret = $this->get('scheb_two_factor.security.google_authenticator')->generateSecret();
+
+ $user->setGoogleAuthenticatorSecret($secret);
+ $user->setEmailTwoFactor(false);
- if (!$user->isGoogleTwoFactor()) {
- $secret = $this->get('scheb_two_factor.security.google_authenticator')->generateSecret();
+ $backupCodes = (new BackupCodes())->toArray();
+ $backupCodesHashed = array_map(
+ function ($backupCode) {
+ return password_hash($backupCode, PASSWORD_DEFAULT);
+ },
+ $backupCodes
+ );
- $user->setGoogleAuthenticatorSecret($secret);
- $user->setEmailTwoFactor(false);
- $user->setBackupCodes((new BackupCodes())->toArray());
+ $user->setBackupCodes($backupCodesHashed);
- $this->container->get('fos_user.user_manager')->updateUser($user, true);
- }
+ $this->container->get('fos_user.user_manager')->updateUser($user, true);
 return $this->render('WallabagCoreBundle:Config:otp_app.html.twig', [
+ 'backupCodes' => $backupCodes,
 'qr_code' => $this->get('scheb_two_factor.security.google_authenticator')->getQRContent($user),
 ]);
 }
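Review bot: With the `if (!$user->isGoogleTwoFactor())` guard removed, every request to this action now generates a fresh secret and fresh backup codes and persists them through `updateUser($user, true)` before anything has been confirmed. If the route answers a plain GET (its annotation is above the hunk, as is the start of the action), a page reload or a cross-site request would silently replace a working authenticator enrollment and invalidate the user's existing backup codes. I would restrict the route with `methods={"POST"}` plus a CSRF token, or keep the new secret in the session and only call `setGoogleAuthenticatorSecret($secret)` after a code has been verified. Separately, the stored values are now `password_hash()` output, so the code that consumes a backup code (not in this hunk) has to loop with `password_verify()` instead of comparing strings, and codes saved in plaintext before this change need a migration or forced regeneration.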