Fixed 2FA TOTP for non-admins, while also retaining validation of aut…

…h code This fixes issue #717
Part-DB · Oct 13, 2024 · a29d933 · a29d933
1 parent 49acf3e
commit a29d933
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 2 deletions.
diff --git a/src/Controller/UserSettingsController.php b/src/Controller/UserSettingsController.php
@@ -331,7 +331,7 @@ public function userSettings(Request $request, EntityManagerInterface $em, UserP
         $google_form->handleRequest($request);
 
         //We do not need to check for validity of the google form here, because we do not care if the other fields are valid
-        if (!$this->demo_mode && !$user->isSamlUser() && $google_form->isSubmitted()) {
+        if (!$this->demo_mode && !$user->isSamlUser() && $google_form->isSubmitted() && $google_form->isValid()) {
             if (!$google_enabled) {
                 //Save 2FA settings (save secrets)
                 $user->setGoogleAuthenticatorSecret($google_form->get('googleAuthenticatorSecret')->getData());

diff --git a/src/Form/TFAGoogleSettingsType.php b/src/Form/TFAGoogleSettingsType.php
@@ -60,7 +60,7 @@ public function buildForm(FormBuilderInterface $builder, array $options): void
                             'pattern' => '\d*',
                             'autocomplete' => 'off',
                         ],
-                        'constraints' => [new ValidGoogleAuthCode()],
+                        'constraints' => [new ValidGoogleAuthCode(groups: ["google_authenticator"])],
                     ]
                 );
 
@@ -92,6 +92,7 @@ public function configureOptions(OptionsResolver $resolver): void
     {
         $resolver->setDefaults([
             'data_class' => User::class,
+            'validation_groups' => ['google_authenticator'],
         ]);
     }
 }