Make two-factor auth actually work

Summary: Ref T4398. Allows auth factors to render and validate when prompted to take a hi-sec action. This has a whole lot of rough edges still (see D8875) but does fundamentally work correctly. Test Plan: - Added two different TOTP factors to my account for EXTRA SECURITY. - Took hisec actions with no auth factors, and with attached auth factors. - Hit all the error/failure states of the hisec entry process. - Verified hisec failures appear in activity logs. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Maniphest Tasks: T4398 Differential Revision: https://secure.phabricator.com/D8886
2014-04-28 10:20:54 -07:00
parent bf6bda6ef4
commit a017a8e02b
9 changed files with 171 additions and 36 deletions
--- a/src/aphront/configuration/AphrontDefaultApplicationConfiguration.php
+++ b/src/aphront/configuration/AphrontDefaultApplicationConfiguration.php
@@ -126,6 +126,8 @@ class AphrontDefaultApplicationConfiguration
    if ($ex instanceof PhabricatorAuthHighSecurityRequiredException) {

      $form = id(new PhabricatorAuthSessionEngine())->renderHighSecurityForm(
+        $ex->getFactors(),
+        $ex->getFactorValidationResults(),
        $user,
        $request);