Back to Two Factor Authentication Support

vdomah
vdomah

in Filipac\TwoFactor\Controllers\Two line 46 - there is Eloquent query searching Code by session id. But there is no check for expiration, so even after 2 days after login attempt I'm being redirected from backend login to 2fa code. Without possibility to request new 2fa auth code

Filip Pacurar
Filip Pacurar

So what is the exact problem? Can you give me steps to reproduce and I will try to fix it.

vdomah
vdomah

Steps I've described already in more details:

  • enter credentials to backend login form and login
  • I'm on 2fa code form
  • I don't enter the code
  • after 24 hours I open /backend url
  • I'm getting redirected to 2fa code form page

There is check for expiration in index_onValidateCode method. But no check in index method

1-3 of 3