/** * Check 2FA * * @access public */ public function handle2FA($controller, $action) { $ignore = $controller === 'twofactor' && in_array($action, array('code', 'check')) || $controller === 'auth' && $action === 'logout'; if ($ignore === false && $this->userSession->has2FA() && !$this->userSession->check2FA()) { if ($this->request->isAjax()) { $this->response->text('Not Authorized', 401); } $this->response->redirect($this->helper->url->to('twofactor', 'code')); } }