diff --git a/integrations/nextcloud/snappymail/lib/Util/SnappyMailHelper.php b/integrations/nextcloud/snappymail/lib/Util/SnappyMailHelper.php index 38c692c33..8306cbcb4 100644 --- a/integrations/nextcloud/snappymail/lib/Util/SnappyMailHelper.php +++ b/integrations/nextcloud/snappymail/lib/Util/SnappyMailHelper.php @@ -82,11 +82,11 @@ class SnappyMailHelper $oActions->Logger()->AddSecret($aCredentials[2]); $oAccount = $oActions->LoginProcess($aCredentials[1], $aCredentials[2]); if ($oAccount) { - $oActions->Plugins()->RunHook('login.success', array($oAccount)); $oActions->SetAuthToken($oAccount); if ($oConfig->Get('login', 'sign_me_auto', \RainLoop\Enumerations\SignMeType::DEFAULT_OFF) === \RainLoop\Enumerations\SignMeType::DEFAULT_ON) { $oActions->SetSignMeToken($oAccount); } + $oActions->Plugins()->RunHook('login.success', array($oAccount)); } } catch (\Throwable $e) { // Login failure, reset password to prevent more attempts diff --git a/plugins/two-factor-auth/index.php b/plugins/two-factor-auth/index.php index bcf86d767..dae372f08 100644 --- a/plugins/two-factor-auth/index.php +++ b/plugins/two-factor-auth/index.php @@ -1,6 +1,7 @@ addJs('js/TwoFactorAuthLogin.js'); $this->addJs('js/TwoFactorAuthSettings.js'); - $this->addHook('login.success', 'DoLogin'); +// $this->addHook('login.success', 'DoLogin'); + $this->addHook('imap.after-login', 'DoLogin'); $this->addHook('filter.app-data', 'FilterAppData'); $this->addJsonHook('GetTwoFactorInfo', 'DoGetTwoFactorInfo'); @@ -57,7 +59,8 @@ class TwoFactorAuthPlugin extends \RainLoop\Plugins\AbstractPlugin } } - public function DoLogin(MainAccount $oAccount) +// public function DoLogin(MainAccount $oAccount) + public function DoLogin(Account $oAccount) { if ($this->TwoFactorAuthProvider($oAccount)) { $aData = $this->getTwoFactorInfo($oAccount); @@ -240,10 +243,10 @@ class TwoFactorAuthPlugin extends \RainLoop\Plugins\AbstractPlugin return $this->Manager()->Actions()->StorageProvider(); } - private $oTwoFactorAuthProvider; + private $oTwoFactorAuthProvider = null; protected function TwoFactorAuthProvider(MainAccount $oAccount) : ?TwoFactorAuthInterface { - if (!$this->oTwoFactorAuthProvider) { + if (!$this->oTwoFactorAuthProvider && $oAccount instanceof MainAccount) { require __DIR__ . '/providers/interface.php'; require __DIR__ . '/providers/totp.php'; $this->oTwoFactorAuthProvider = new TwoFactorAuthTotp(); diff --git a/snappymail/v/0.0.0/app/libraries/RainLoop/Actions/UserAuth.php b/snappymail/v/0.0.0/app/libraries/RainLoop/Actions/UserAuth.php index 75a1952f1..8bef86a96 100644 --- a/snappymail/v/0.0.0/app/libraries/RainLoop/Actions/UserAuth.php +++ b/snappymail/v/0.0.0/app/libraries/RainLoop/Actions/UserAuth.php @@ -294,9 +294,6 @@ trait UserAuth { $this->oAdditionalAuthAccount = false; $this->oMainAuthAccount = $oAccount; - if (!isset($_COOKIE['smctoken'])) { - Cookies::set('smctoken', \base64_encode(\random_bytes(16)), 0, false); - } static::SetAccountCookie(self::AUTH_SPEC_TOKEN_KEY, $oAccount); } diff --git a/snappymail/v/0.0.0/app/libraries/snappymail/crypt.php b/snappymail/v/0.0.0/app/libraries/snappymail/crypt.php index 74246a40a..8028bd251 100644 --- a/snappymail/v/0.0.0/app/libraries/snappymail/crypt.php +++ b/snappymail/v/0.0.0/app/libraries/snappymail/crypt.php @@ -41,13 +41,14 @@ abstract class Crypt } /** - * When $key is empty, it will use a fingerprint of the user agent. + * When $key is empty, it will use the smctoken. */ private static function Passphrase(?string $key) : string { if (!$key) { if (empty($_COOKIE['smctoken'])) { - throw new \RuntimeException('Missing smctoken'); + \SnappyMail\Cookies::set('smctoken', \base64_encode(\random_bytes(16)), 0, false); +// throw new \RuntimeException('Missing smctoken'); } $key = $_COOKIE['smctoken'] . APP_VERSION; }