Pman/Login.php

[Pman.Base] / Pman / Login.php

diff --git a/Pman/Login.php b/Pman/Login.php
index 558b8e1..e822011 100644 (file)
--- a/Pman/Login.php
+++ b/Pman/Login.php
@@ -129,11 +129,23 @@ class Pman_Login extends Pman
         $tbl = empty($ff->Pman['authTable']) ? 'core_person' : $ff->Pman['authTable'];
         
         $u = DB_DataObject::factory($tbl);
+        $s = DB_DataObject::factory('core_setting');
+        $oath_require_val = 1;
+        $oath_require = $s->lookup('core', 'two_factor_authentication_requirement');
+        if(!empty($oath_require)) {
+            if($oath_require->val == 0) {
+                $oath_require_val = 0;
+            }
+        } 
+        
         if (!$u->isAuth()) {
-             
-            $this->jok(array('id' => 0)); // not logged in..
+            $this->jok(array(
+                'id' => 0,
+                'require_oath' => $oath_require_val
+            ));
             exit;
         }
+        
         //die("got here?");
         $au = $u->getAuthUser();
         
@@ -314,7 +326,10 @@ class Pman_Login extends Pman
             exit;
         }
         
-        if(!empty($u->oath_key) && !$u->checkTwoFactorAuthentication(trim($_REQUEST['oath_password'],"\x10"))){
+        if(
+            !empty($u->oath_key) && 
+            !$u->checkTwoFactorAuthentication($_REQUEST['oath_password'])
+        ){
             $this->jerror('LOGIN-BAD', 'You typed the wrong Username or Password  (3)');
             exit;
         }