function checkTwoFactorAuthentication($val)
{
// also used in login
-
- return true;
-
require_once 'System.php';
if(
return false;
}
- $cmd = "{$oathtool} --totp --base32 {$this->oath_key}";
+ $cmd = "{$oathtool} --totp --base32 " . escapeshellarg($this->oath_key);
$password = exec($cmd);
$aur['dailykey'] = '';
$aur['oath_key'] = '';
+ $aur['oath_key_enable'] = !empty($this->oath_key);
+ $aur['require_oath'] = 1;
+
$s = DB_DataObject::Factory('core_setting');
$oath_require = $s->lookup('core', 'two_factor_authentication_requirement');
- if(empty($oath_require) || $oath_require == 1) {
- $aur['oath_key_enable'] = !empty($this->oath_key);
- $aur['require_oath'] = 1;
- }
-
+ $aur['require_oath'] = $oath_require ? $oath_require->val : 0;
return $aur;
}