Regression: Fixed broken 2FA form [#2109]

2025-10-31 02:16:26 +01:00 · 2021-04-07 14:14:04 +03:00
parent c4d90bfcd3
commit 9fca08ab43
5 changed files with 13 additions and 12 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,7 @@

 1. [](#bugfix)
    * Fixed missing `admin-preset.css` in multisite environments
+    * Regression: Fixed broken 2FA form [#2109](https://github.com/getgrav/grav-plugin-admin/issues/2109)

 # v1.10.9
 ## 04/06/2021
--- a/admin.php
+++ b/admin.php
@@ -34,7 +34,6 @@ use Grav\Plugin\Admin\Themes;
 use Grav\Plugin\Admin\AdminController;
 use Grav\Plugin\Admin\Twig\AdminTwigExtension;
 use Grav\Plugin\Admin\WhiteLabel;
-use Grav\Plugin\FlexObjects\FlexFormFactory;
 use Grav\Plugin\Form\Form;
 use Grav\Plugin\Form\Forms;
 use Grav\Plugin\Login\Login;
@@ -684,10 +683,10 @@ class AdminPlugin extends Plugin
        $twig->twig_vars['forms'] = $forms;

        // preserve form validation
-        if (!isset($twig->twig_vars['form'])) {
        if ($this->admin->form) {
            $twig->twig_vars['form'] = $this->admin->form;
-            } elseif (isset($header->form)) {
+        } elseif (!isset($twig->twig_vars['form'])) {
+            if (isset($header->form)) {
                $twig->twig_vars['form'] = new Form($page);
            } elseif (isset($header->forms)) {
                $twig->twig_vars['form'] = new Form($page, null, reset($header->forms));
--- a/classes/plugin/Controllers/Login/LoginController.php
+++ b/classes/plugin/Controllers/Login/LoginController.php
@@ -250,21 +250,26 @@ class LoginController extends AdminController
            return $this->createRedirectResponse('/');
        }

+        $login = $this->getLogin();
+
        $this->page = $this->createPage('login');
-        $this->form = $this->getForm('admin-login-twofa');
+        $this->form = $this->getForm('login-twofa');
        try {
            $this->checkNonce();
        } catch (PageExpiredException $e) {
            $this->setMessage($this->translate('PLUGIN_ADMIN.INVALID_SECURITY_TOKEN'), 'error');

-            return $this->createDisplayResponse();
+            // Failed 2FA nonce check, logout and redirect.
+            $login->logout(['admin' => true]);
+            $this->form->reset();
+
+            return $this->createRedirectResponse('/');
        }


        $post = $this->getPost();
        $data = $post['data'] ?? [];

-        $login = $this->getLogin();
        try {
            $twoFa = $login->twoFactorAuth();
        } catch (TwoFactorAuthException $e) {
--- a/themes/grav/templates/partials/login-form.html.twig
+++ b/themes/grav/templates/partials/login-form.html.twig
@@ -10,8 +10,6 @@
 {% endblock %}

 {% block form %}
-    {% set form = forms['login'] %}
-
    {% for field_name,field in form.fields %}
        {% if field.type %}
            {% set field = field|merge({ name: field.name ?? field_name }) %}
--- a/themes/grav/templates/partials/login-twofa.html.twig
+++ b/themes/grav/templates/partials/login-twofa.html.twig
@@ -5,8 +5,6 @@

 {% block form %}

-    {% set form = forms['login-twofa'] %}
-
    {% for field_name, field in form.fields %}
        {% if field.type %}
            {% set field = field|merge({ name: field.name ?? field_name }) %}