|
|
|
@ -27,6 +27,7 @@ if ($VARS['progress'] == "1") {
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
if ($userpass_ok) {
|
|
|
|
|
$_SESSION['passok'] = true; // stop logins using only username and authcode
|
|
|
|
|
if (userHasTOTP($VARS['username'])) {
|
|
|
|
|
$multiauth = true;
|
|
|
|
|
} else {
|
|
|
|
@ -45,6 +46,10 @@ if ($VARS['progress'] == "1") {
|
|
|
|
|
insertAuthLog(8, null, "Username: " . $VARS['username']);
|
|
|
|
|
}
|
|
|
|
|
} else if ($VARS['progress'] == "2") {
|
|
|
|
|
if ($_SESSION['passok'] !== true) {
|
|
|
|
|
// stop logins using only username and authcode
|
|
|
|
|
sendError("Password integrity check failed!");
|
|
|
|
|
}
|
|
|
|
|
if (verifyTOTP($VARS['username'], $VARS['authcode'])) {
|
|
|
|
|
doLoginUser($VARS['username'], $VARS['password']);
|
|
|
|
|
insertAuthLog(1, $_SESSION['uid']);
|
|
|
|
|