From 918f4ebcd82ce83046abac10146452f3c735bc51 Mon Sep 17 00:00:00 2001 From: epriestley Date: Tue, 18 Dec 2018 12:01:15 -0800 Subject: [PATCH] Fix a double-prompt for MFA when recovering a password account Summary: Depends on D19905. Ref T13222. In D19843, I refactored this stuff but `$jump_into_hisec` was dropped. This is a hint to keep the upgraded session in hisec mode, which we need to do a password reset when using a recovery link. Without it, we double prompt you for MFA: first to upgrade to a full session, then to change your password. Pass this into the engine properly to avoid the double-prompt. Test Plan: - Used `bin/auth recover` to get a partial session with MFA enabled and a password provider. - Before: double MFA prompt. - After: session stays upgraded when it becomes full, no second prompt. Reviewers: amckinley Reviewed By: amckinley Maniphest Tasks: T13222 Differential Revision: https://secure.phabricator.com/D19906 --- src/applications/auth/engine/PhabricatorAuthSessionEngine.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/applications/auth/engine/PhabricatorAuthSessionEngine.php b/src/applications/auth/engine/PhabricatorAuthSessionEngine.php index ff3b2adc05..66a3e9e8fb 100644 --- a/src/applications/auth/engine/PhabricatorAuthSessionEngine.php +++ b/src/applications/auth/engine/PhabricatorAuthSessionEngine.php @@ -434,7 +434,7 @@ final class PhabricatorAuthSessionEngine extends Phobject { $viewer, $request, $cancel_uri, - false, + $jump_into_hisec, true); }
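Review bot: At the changed argument in the call around line 434 of PhabricatorAuthSessionEngine.php, `$jump_into_hisec` is now one of two adjacent positional booleans (`$jump_into_hisec, true`), and the hunk shows neither where the variable is defined nor what values callers supply. The commit message says this argument was dropped silently during the D19843 refactor, so a short comment at the call site stating what each boolean means would make a repeat of that regression easier to catch in review. The Test Plan is manual only; a regression test that takes a partial session with MFA enabled through the upgrade and asserts that the resulting full session is still in high-security mode would cover it. It is also worth confirming that callers set `$jump_into_hisec` only for the recovery-link flow, so that other partial-to-full upgrades do not start in high-security mode unintentionally.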