aboutsummaryrefslogtreecommitdiffhomepage
path: root/src/Wallabag/UserBundle/Entity/User.php
diff options
context:
space:
mode:
authorJeremy Benoist <jeremy.benoist@gmail.com>2019-01-23 14:43:39 +0100
committerJeremy Benoist <jeremy.benoist@gmail.com>2019-01-23 14:43:39 +0100
commit4654a83b6438b88e3b7062a21d18999d9df2fb8e (patch)
treef20677c3d68c1ea756f0835ff179a0d7d3431a67 /src/Wallabag/UserBundle/Entity/User.php
parent7485a272ffbcc045e6002b4bf4ea289ce0a0f3b4 (diff)
downloadwallabag-4654a83b6438b88e3b7062a21d18999d9df2fb8e.tar.gz
wallabag-4654a83b6438b88e3b7062a21d18999d9df2fb8e.tar.zst
wallabag-4654a83b6438b88e3b7062a21d18999d9df2fb8e.zip
Hash backup codes in the database using `password_hash`update-two-factor-bundle
Diffstat (limited to 'src/Wallabag/UserBundle/Entity/User.php')
-rw-r--r--src/Wallabag/UserBundle/Entity/User.php24
1 files changed, 22 insertions, 2 deletions
diff --git a/src/Wallabag/UserBundle/Entity/User.php b/src/Wallabag/UserBundle/Entity/User.php
index ab34e2bf..43fa6a80 100644
--- a/src/Wallabag/UserBundle/Entity/User.php
+++ b/src/Wallabag/UserBundle/Entity/User.php
@@ -339,7 +339,7 @@ class User extends BaseUser implements EmailTwoFactorInterface, GoogleTwoFactorI
339 */ 339 */
340 public function isBackupCode(string $code): bool 340 public function isBackupCode(string $code): bool
341 { 341 {
342 return \in_array($code, $this->backupCodes, true); 342 return false === $this->findBackupCode($code) ? false : true;
343 } 343 }
344 344
345 /** 345 /**
@@ -347,7 +347,7 @@ class User extends BaseUser implements EmailTwoFactorInterface, GoogleTwoFactorI
347 */ 347 */
348 public function invalidateBackupCode(string $code): void 348 public function invalidateBackupCode(string $code): void
349 { 349 {
350 $key = array_search($code, $this->backupCodes, true); 350 $key = $this->findBackupCode($code);
351 351
352 if (false !== $key) { 352 if (false !== $key) {
353 unset($this->backupCodes[$key]); 353 unset($this->backupCodes[$key]);
@@ -385,4 +385,24 @@ class User extends BaseUser implements EmailTwoFactorInterface, GoogleTwoFactorI
385 return $this->clients->first(); 385 return $this->clients->first();
386 } 386 }
387 } 387 }
388
389 /**
390 * Try to find a backup code from the list of backup codes of the current user.
391 *
392 * @param string $code Given code from the user
393 *
394 * @return string|false
395 */
396 private function findBackupCode(string $code)
397 {
398 foreach ($this->backupCodes as $key => $backupCode) {
399 // backup code are hashed using `password_hash`
400 // see ConfigController->otpAppAction
401 if (password_verify($code, $backupCode)) {
402 return $key;
403 }
404 }
405
406 return false;
407 }
388} 408}