Appwrite/appwrite
1
0
Fork 0
mirror of https://github.com/appwrite/appwrite.git synced 2026-05-26 13:51:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(auth): fix challenge type check

Browse Source 
The factor parameter is case insensitive so we need to make sure
comparing the parameter to the constant is case insensitive too.
This commit is contained in:
Steven Nguyen
2024-04-16 23:44:46 -07:00
committed by GitHub
parent 05dd17bd55
commit 2f7aff3a44
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/controllers/api/account.php
+2 -2
View File
@@ -4069,7 +4069,7 @@ App::put('/v1/account/mfa/challenge')
$recoveryCodeChallenge = function (Document $challenge, Document $user, string $otp) use ($dbForProject) {
if (
$challenge->isSet('type') &&
$challenge->getAttribute('type') === Type::RECOVERY_CODE
$challenge->getAttribute('type') === \strtolower(Type::RECOVERY_CODE)
) {
$mfaRecoveryCodes = $user->getAttribute('mfaRecoveryCodes', []);
if (in_array($otp, $mfaRecoveryCodes)) {
@@ -4091,7 +4091,7 @@ App::put('/v1/account/mfa/challenge')
Type::TOTP => Challenge\TOTP::challenge($challenge, $user, $otp),
Type::PHONE => Challenge\Phone::challenge($challenge, $user, $otp),
Type::EMAIL => Challenge\Email::challenge($challenge, $user, $otp),
Type::RECOVERY_CODE => $recoveryCodeChallenge($challenge, $user, $otp),
\strtolower(Type::RECOVERY_CODE) => $recoveryCodeChallenge($challenge, $user, $otp),
default => false
});