X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FCore%2FAuthentication.php;h=646729c434014ac37794cdedf1ecc3d36c3e9f63;hb=58c8959da0ece9a23966b315310a3962542bc7f4;hp=1826602df4bbcf6be6df777e39f487481bc5cbe8;hpb=6071fe81b410ec6a971d0e45379a51809cbeec71;p=friendica.git

diff --git a/src/Core/Authentication.php b/src/Core/Authentication.php
index 1826602df4..646729c434 100644
--- a/src/Core/Authentication.php
+++ b/src/Core/Authentication.php
@@ -5,6 +5,7 @@
 
 namespace Friendica\Core;
 
+use Friendica\App;
 use Friendica\BaseObject;
 use Friendica\Util\BaseURL;
 
@@ -61,5 +62,26 @@ class Authentication extends BaseObject
 		session_unset();
 		session_destroy();
 	}
+
+	public static function twoFactorCheck($uid, App $a)
+	{
+		// Check user setting, if 2FA disabled return
+		if (!PConfig::get($uid, '2fa', 'verified')) {
+			return;
+		}
+
+		// Check current path, if 2fa authentication module return
+		if ($a->argc > 0 && in_array($a->argv[0], ['ping', '2fa', 'view', 'help', 'api', 'proxy', 'logout'])) {
+			return;
+		}
+
+		// Case 1: 2FA session present and valid: return
+		if (Session::get('2fa')) {
+			return;
+		}
+
+		// Case 2: No valid 2FA session: redirect to code verification page
+		$a->internalRedirect('2fa');
+	}
 }