Rename activate2FA to activate_2fa and allow me for user updates

directus · Nov 8, 2019 · ab06c55 · ab06c55
1 parent 7b429ab
commit ab06c55
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 10 deletions.
diff --git a/src/core/Directus/Application/Http/Middleware/AuthenticationMiddleware.php b/src/core/Directus/Application/Http/Middleware/AuthenticationMiddleware.php
@@ -47,7 +47,7 @@ public function __invoke(Request $request, Response $response, callable $next)
 
         try {
             $user = $this->authenticate($request);
-            
+
             $hookEmitter = $this->container->get('hook_emitter');
             if (!$user && !$publicRoleId) {
                 $exception = new UserNotAuthenticatedException();
@@ -110,7 +110,7 @@ public function __invoke(Request $request, Response $response, callable $next)
             $hookEmitter->run('auth.fail', [$exception]);
             throw $exception;
         }
-       
+
         // TODO: Adding an user should auto set its ID and GROUP
         // TODO: User data should be casted to its data type
         // TODO: Make sure that the group is not empty
@@ -139,7 +139,7 @@ protected function authenticate(Request $request)
 
             $user = $authService->authenticateWithToken($authToken, $request->getAttribute('ignore_origin'));
         }
-        
+
         return $user;
     }
 
@@ -226,8 +226,11 @@ protected function targetIsUserEdit(Request $request, int $id) {
 
         if ($num_elements > 3
             &&$target_array[$num_elements - 3] == 'users'
-            && $target_array[$num_elements - 2] == strval($id)
-            && $target_array[$num_elements - 1] == 'activate2FA') {
+            && (
+                $target_array[$num_elements - 2] == strval($id) ||
+                $target_array[$num_elements - 2] == 'me'
+            )
+            && $target_array[$num_elements - 1] == 'activate_2fa') {
             return true;
         }
 

diff --git a/src/core/Directus/Services/UsersService.php b/src/core/Directus/Services/UsersService.php
@@ -429,8 +429,8 @@ protected function enforceLastAdmin($id)
     public function activate2FA($id, $tfa_secret, $otp)
     {
         $this->validate(
-            ['tfa_secret' => $tfa_secret, 'otp' => $otp],
-            ['tfa_secret' => 'required|string', 'otp' => 'required|string']
+            ['2fa_secret' => $tfa_secret, 'otp' => $otp],
+            ['2fa_secret' => 'required|string', 'otp' => 'required|string']
         );
 
         $ga = new Google2FA();

diff --git a/src/endpoints/Users.php b/src/endpoints/Users.php
@@ -37,7 +37,7 @@ public function __invoke(Application $app)
         $app->patch('/{id}/tracking/page', [$this, 'trackPage']);
 
         // Enable 2FA
-        $app->post('/{id}/activate2FA', [$this, 'activate2FA']);
+        $app->post('/{id}/activate_2fa', [$this, 'activate2FA']);
     }
 
     /**
@@ -135,7 +135,7 @@ public function update(Request $request, Response $response)
         if (strpos($id, ',') !== false) {
             return $this->batch($request, $response);
         }
-      
+
         $responseData = $service->update(
             $id,
             $payload,
@@ -286,7 +286,7 @@ public function activate2FA(Request $request, Response $response)
         $service = new UsersService($this->container);
         $responseData = $service->activate2FA(
             $request->getAttribute('id'),
-            $request->getParsedBodyParam('tfa_secret'),
+            $request->getParsedBodyParam('2fa_secret'),
             $request->getParsedBodyParam('otp')
         );