/**
* @param \phpbb\event\data $event
*
* @return \phpbb\event\data $event|null
* @throw http_exception
*/
public function auth_login_session_create_before($event)
{
if ($this->config['tfa_mode'] == session_helper_interface::MODE_DISABLED) {
return $event;
}
if (isset($event['login'], $event['login']['status']) && $event['login']['status'] == LOGIN_SUCCESS) {
// We have a LOGIN_SUCCESS result.
if ($this->session_helper->isTfaRequired($event['login']['user_row']['user_id'], $event['admin'], $event['user_row'])) {
if (!$this->session_helper->isTfaRegistered($event['login']['user_row']['user_id'])) {
// While 2FA is enabled, the user has no methods added.
// We simply return and continue the login procedure (The normal way :)),
// and will disable all pages until he has added a 2FA key.
return $event;
} else {
$this->session_helper->generate_page($event['login']['user_row']['user_id'], $event['admin'], $event['view_online'], !$this->request->is_set_post('viewonline'), $this->request->variable('redirect', ''));
}
}
}
return null;
}
