Startsida Utforska Hjälp
Logga in
LBP
/
Organizr
spegling av https://github.com/causefx/Organizr.git
4
0
Fork 0
Filer Ärenden 0 Wiki
Bläddra i källkod

[V2] [Request] Disable Google Authenticator for Local Access (#1232)

CauseFX 6 år sedan
förälder
eef9398916
incheckning
3e983d3bfa
3 ändrade filer med 25 tillägg och 10 borttagningar
Delad Vy Visa Diff Statistik
  1. 2 1
      api/config/default.php
  2. 16 9
      api/functions/api-functions.php
  3. 7 0
      api/functions/organizr-functions.php

+ 2 - 1
api/config/default.php
Visa fil 

@@ -241,5 +241,6 @@ return array(
 
 	'homepagePlexRecentlyAddedMethod' => 'legacy',
 
 	'authProxyEnabled' => false,
 
 	'authProxyHeaderName' => '',
 
-	'authProxyWhitelist' => ''
 
+	'authProxyWhitelist' => '',
 
+	'ignoreTFALocal' => false
 
 );

+ 16 - 9
api/functions/api-functions.php
Visa fil 

@@ -188,15 +188,22 @@ function login($array)
 
 				}
 
 				// 2FA might go here
 
 				if ($result['auth_service'] !== 'internal' && strpos($result['auth_service'], '::') !== false) {
 
-					$TFA = explode('::', $result['auth_service']);
 
-					// Is code with login info?
 
-					if ($tfaCode == '') {
 
-						return '2FA';
 
-					} else {
 
-						if (!verify2FA($TFA[1], $tfaCode, $TFA[0])) {
 
-							writeLoginLog($username, 'error');
 
-							writeLog('error', 'Login Function - Wrong 2FA', $username);
 
-							return '2FA-incorrect';
 
+					$tfaProceed = true;
 
+					// Add check for local or not
 
+					if($GLOBALS['ignoreTFALocal'] !== false) {
 
+						$tfaProceed = (isLocal()) ? false : true;
 
+					}
 
+					if($tfaProceed) {
 
+						$TFA = explode('::', $result['auth_service']);
 
+						// Is code with login info?
 
+						if ($tfaCode == '') {
 
+							return '2FA';
 
+						} else {
 
+							if (!verify2FA($TFA[1], $tfaCode, $TFA[0])) {
 
+								writeLoginLog($username, 'error');
 
+								writeLog('error', 'Login Function - Wrong 2FA', $username);
 
+								return '2FA-incorrect';
 
+							}
 
 						}
 
 					}
 
 				}

+ 7 - 0
api/functions/organizr-functions.php
Visa fil 

@@ -604,6 +604,13 @@ function getSettingsMain()
 
 				'value' => $GLOBALS['plexStrictFriends'],
 
 				'help' => 'Enabling this will only allow Friends that have shares to the Machine ID entered above to login, Having this disabled will allow all Friends on your Friends list to login'
 
 			),
 
+			array(
 
+				'type' => 'switch',
 
+				'name' => 'ignoreTFALocal',
 
+				'label' => 'Ignore External 2FA on Local Subnet',
 
+				'value' => $GLOBALS['ignoreTFALocal'],
 
+				'help' => 'Enabling this will bypass external 2FA security if user is on local Subnet'
 
+			),
 
 			array(
 
 				'type' => 'input',
 
 				'name' => 'authBackendHost',