Changeset View
Changeset View
Standalone View
Standalone View
src/applications/auth/engine/PhabricatorAuthSessionEngine.php
Show First 20 Lines • Show All 479 Lines • ▼ Show 20 Lines | $factors = id(new PhabricatorAuthFactorConfigQuery()) | ||||
)) | )) | ||||
->execute(); | ->execute(); | ||||
// Sort factors in the same order that they appear in on the Settings | // Sort factors in the same order that they appear in on the Settings | ||||
// panel. This means that administrators changing provider statuses may | // panel. This means that administrators changing provider statuses may | ||||
// change the order of prompts for users, but the alternative is that the | // change the order of prompts for users, but the alternative is that the | ||||
// Settings panel order disagrees with the prompt order, which seems more | // Settings panel order disagrees with the prompt order, which seems more | ||||
// disruptive. | // disruptive. | ||||
$factors = msort($factors, 'newSortVector'); | $factors = msortv($factors, 'newSortVector'); | ||||
// If the account has no associated multi-factor auth, just issue a token | // If the account has no associated multi-factor auth, just issue a token | ||||
// without putting the session into high security mode. This is generally | // without putting the session into high security mode. This is generally | ||||
// easier for users. A minor but desirable side effect is that when a user | // easier for users. A minor but desirable side effect is that when a user | ||||
// adds an auth factor, existing sessions won't get a free pass into hisec, | // adds an auth factor, existing sessions won't get a free pass into hisec, | ||||
// since they never actually got marked as hisec. | // since they never actually got marked as hisec. | ||||
if (!$factors) { | if (!$factors) { | ||||
return $this->issueHighSecurityToken($session, true); | return $this->issueHighSecurityToken($session, true); | ||||
▲ Show 20 Lines • Show All 674 Lines • Show Last 20 Lines |