From 1f84431dcb3c03a647ba60dbbbceabef31c66ab9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=B4me=20Chilliet?= <come.chilliet@fusiondirectory.org>
Date: Thu, 12 Dec 2019 11:15:48 +0100
Subject: [PATCH] :sparkles: feat(login) Enable TOTP second factor

issue #6059
---
 ihtml/themes/breezy/secondfactor.tpl |  4 ++--
 include/login/class_LoginPost.inc    | 11 +++++++----
 2 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/ihtml/themes/breezy/secondfactor.tpl b/ihtml/themes/breezy/secondfactor.tpl
index 8dac1d49f..2c3111914 100644
--- a/ihtml/themes/breezy/secondfactor.tpl
+++ b/ihtml/themes/breezy/secondfactor.tpl
@@ -7,7 +7,7 @@
 <div id="window-container">
 
 <div id="window-div">
-<form action="index.php" method="post" id="loginform" name="loginform">
+<form action="" method="post" id="loginform" name="loginform">
 
 {$msg_dialogs}
   <div id="window-titlebar">
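Review bot: `action=""` on the changed `<form>` tag is non-conforming HTML5, which requires a non-empty URL when the attribute is present, and it makes the POST target the current document URL, query string included. Dropping the attribute gives the same submit-to-self behaviour in valid markup: `<form method="post" id="loginform" name="loginform">`. Because the target now depends on whichever URL rendered this template, a short Smarty comment naming the page expected to receive the post would help the next reader.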
@@ -31,7 +31,7 @@
     <div>
     </div>
   </div>
-
+  <input type="hidden" name="CSRFtoken" value="{$CSRFtoken}"/>
 </form>
 </div>
 
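Review bot: Nothing in this patch shows the `CSRFtoken` field being checked when the second factor form is posted. The hidden input added here and the `$smarty->assign('CSRFtoken', CSRFProtection::getToken());` line in the last hunk of include/login/class_LoginPost.inc only emit the token. If validation lives in a handler outside this diff, a template comment such as `{* CSRFtoken must be verified server-side before the second factor response is processed *}` would record the requirement. The value is also printed into an attribute without an explicit modifier, so unless the Smarty instance escapes by default, `value="{$CSRFtoken|escape}"` is the safer form.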
diff --git a/include/login/class_LoginPost.inc b/include/login/class_LoginPost.inc
index c68f5ddbb..1359a4245 100644
--- a/include/login/class_LoginPost.inc
+++ b/include/login/class_LoginPost.inc
@@ -24,7 +24,7 @@
 class LoginPost extends LoginMethod
 {
   /*! \brief List of second factor methods, may be dynamic later */
-  static $secondFactorMethods = ['SecondFactorWebAuthn'];
+  static $secondFactorMethods = ['SecondFactorWebAuthn','SecondFactorTotp'];
 
   /*! \brief Displayed name */
   static function getLabel ()
@@ -67,13 +67,15 @@ class LoginPost extends LoginMethod
       ]);
 
       /* If needed redirect to second factor page */
+      $secondFactor = FALSE;
       foreach (static::$secondFactorMethods as $secondFactorMethod) {
         if (!class_available($secondFactorMethod)) {
           continue;
         }
-        if ($secondFactorMethod::hasSecondFactor()) {
-          static::redirectSecondFactorPage();
-        }
+        $secondFactor = ($secondFactorMethod::hasSecondFactor() || $secondFactor);
+      }
+      if ($secondFactor) {
+        static::redirectSecondFactorPage();
       }
 
       if ($success) {
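Review bot: The added `if ($secondFactor) { static::redirectSecondFactorPage(); }` is followed directly by `if ($success) {`, so the password-only login completes unless redirectSecondFactorPage() ends the request. Its body is not in this diff, so that contract should be confirmed and written down, for example `/* redirectSecondFactorPage() must end the request; falling through would skip the second factor */`. Separately, any method that fails `class_available()` is skipped silently, so an account enrolled in TOTP would be admitted on the first factor alone wherever `SecondFactorTotp` cannot be loaded; logging that case would make it visible. The operand order in `$secondFactorMethod::hasSecondFactor() || $secondFactor` calls every available method even after one has returned true, which deserves a comment if intentional. The enclosing method starts and ends outside this hunk.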
@@ -208,6 +210,7 @@ class LoginPost extends LoginMethod
     $smarty->assign('date',         date('l, dS F Y H:i:s O'));
     $smarty->assign('lang',         preg_replace('/_.*$/', '', $lang));
     $smarty->assign('rtl',          Language::isRTL($lang));
+    $smarty->assign('CSRFtoken',    CSRFProtection::getToken());
 
     $methodOutputs = [];
 
-- 
GitLab