Page MenuHomePhorge
Files F2896341

No OneTemporary
Actions

View Options

diff --git a/src/applications/auth/controller/mfa/PhabricatorAuthChallengeStatusController.php b/src/applications/auth/controller/mfa/PhabricatorAuthChallengeStatusController.php
index 884bbaad6d..3fbffabc89 100644
--- a/src/applications/auth/controller/mfa/PhabricatorAuthChallengeStatusController.php
+++ b/src/applications/auth/controller/mfa/PhabricatorAuthChallengeStatusController.php
@@ -1,40 +1,46 @@
<?php
final class PhabricatorAuthChallengeStatusController
extends PhabricatorAuthController {
+ public function shouldAllowPartialSessions() {
+ // We expect that users may request the status of an MFA challenge when
+ // they hit the session upgrade gate on login.
+ return true;
+ }
+
public function handleRequest(AphrontRequest $request) {
$viewer = $this->getViewer();
$id = $request->getURIData('id');
$now = PhabricatorTime::getNow();
$result = new PhabricatorAuthChallengeUpdate();
$challenge = id(new PhabricatorAuthChallengeQuery())
->setViewer($viewer)
->withIDs(array($id))
->withUserPHIDs(array($viewer->getPHID()))
->withChallengeTTLBetween($now, null)
->executeOne();
if ($challenge) {
$config = id(new PhabricatorAuthFactorConfigQuery())
->setViewer($viewer)
->withPHIDs(array($challenge->getFactorPHID()))
->executeOne();
if ($config) {
$provider = $config->getFactorProvider();
$factor = $provider->getFactor();
$result = $factor->newChallengeStatusView(
$config,
$provider,
$viewer,
$challenge);
}
}
return id(new AphrontAjaxResponse())
->setContent($result->newContent());
}
}

File Metadata

Mime Type
text/x-diff
Expires
Jan 19 2025, 22:55 (6 w, 3 d ago)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
1129623
Default Alt Text
(1 KB)

Event Timeline

Content licensed under Creative Commons Attribution-ShareAlike 4.0 (CC-BY-SA) unless otherwise noted; code licensed under Apache 2.0 or other open source licenses. · CC BY-SA 4.0 · Apache 2.0