Enhanced ValidateAuthenticationFilter and not-allowed-ip filter to ha…

…ndle cases when user is not authenticated yet
hiqdev · Aug 8, 2017 · cea0e53 · cea0e53
1 parent c82ddcc
commit cea0e53
Show file tree

Hide file tree

Showing 4 changed files with 17 additions and 4 deletions.
diff --git a/src/controllers/AllowedIpsController.php b/src/controllers/AllowedIpsController.php
@@ -35,8 +35,15 @@ public function behaviors()
                         'allow' => true,
                         'matchCallback' => function ($action) {
                             $filter = new ValidateAuthenticationFilter();
+
+                            $identity = Yii::$app->user->identity ?: $this->module->getHalfUser();
+
+                            if ($identity === null) {
+                                return false;
+                            }
+
                             try {
-                                $filter->validateAuthentication(Yii::$app->user->identity);
+                                $filter->validateAuthentication($identity);
                             } catch (AuthenticationException $e) {
                                 // Show this page only when user have problems with IP
                                 return true;

diff --git a/src/filters/ValidateAuthenticationFilter.php b/src/filters/ValidateAuthenticationFilter.php
@@ -24,11 +24,12 @@ class ValidateAuthenticationFilter extends ActionFilter
 
     public function beforeAction($action)
     {
-        if (Yii::$app->user->isGuest) {
+        $identity = Yii::$app->user->identity;
+
+        if (Yii::$app->user->isGuest || $identity === null) {
             return $this->denyAccess(new NotAuthenticatedException());
         }
 
-        $identity = Yii::$app->user->identity;
         try {
             $this->validateAuthentication($identity);
         } catch (AuthenticationException $e) {

diff --git a/src/messages/ru/mfa.php b/src/messages/ru/mfa.php
@@ -34,4 +34,5 @@
     'Wrong verification code. Please verify your secret and try again.' => 'Неправильный проверочный код. Пожалуйста, проверьте ваш секретный код и попробуйте снова.',
     'You are not allowed to login from this IP' => 'Вам не разрешен доступ с этого IP',
     'enter this text code instead' => 'введите этот код',
+    'Or log out and sign in as a different user' => 'Или выйти и зайти другим пользователем'
 ];
diff --git a/src/views/allowed-ips/notAllowedIp.php b/src/views/allowed-ips/notAllowedIp.php
@@ -14,5 +14,9 @@
 </p>
 
 <p align="center">
-    <?= Html::a(Yii::t('mfa', 'Add this IP to the list of allowed IPs'), ['token' => 'send']) ?>
+    <b><?= Html::a(Yii::t('mfa', 'Add this IP to the list of allowed IPs'), ['token' => 'send']) ?></b>
+</p>
+
+<p align="center">
+    <?= Html::a(Yii::t('mfa', 'Or log out and sign in as a different user'), ['/site/logout']) ?>
 </p>