Differential D20020 Diff 47817 src/applications/settings/panel/PhabricatorMultiFactorSettingsPanel.php
Changeset View
Changeset View
Standalone View
Standalone View
src/applications/settings/panel/PhabricatorMultiFactorSettingsPanel.php
Show First 20 Lines • Show All 260 Lines • ▼ Show 20 Lines | if ($config) { | ||||
// If the user added a factor, give them a rate limiting point back. | // If the user added a factor, give them a rate limiting point back. | ||||
PhabricatorSystemActionEngine::willTakeAction( | PhabricatorSystemActionEngine::willTakeAction( | ||||
array($viewer->getPHID()), | array($viewer->getPHID()), | ||||
new PhabricatorAuthNewFactorAction(), | new PhabricatorAuthNewFactorAction(), | ||||
-1); | -1); | ||||
$config->save(); | $config->save(); | ||||
// If we used a temporary token to handle synchronizing the factor, | |||||
// revoke it now. | |||||
$sync_token = $config->getMFASyncToken(); | |||||
if ($sync_token) { | |||||
$sync_token->revokeToken(); | |||||
} | |||||
epriestley: This is new. We didn't revoke the tokens before since it's mostly pointless, but at least does… | |||||
$log = PhabricatorUserLog::initializeNewLog( | $log = PhabricatorUserLog::initializeNewLog( | ||||
$viewer, | $viewer, | ||||
$user->getPHID(), | $user->getPHID(), | ||||
PhabricatorUserLog::ACTION_MULTI_ADD); | PhabricatorUserLog::ACTION_MULTI_ADD); | ||||
$log->save(); | $log->save(); | ||||
$user->updateMultiFactorEnrollment(); | $user->updateMultiFactorEnrollment(); | ||||
▲ Show 20 Lines • Show All 127 Lines • Show Last 20 Lines |
This is new. We didn't revoke the tokens before since it's mostly pointless, but at least does something now that we have a limit on outstanding, unexpired sync attempts.