diff --git a/tfa.module b/tfa.module index 8744b2e..a77b760 100644 --- a/tfa.module +++ b/tfa.module @@ -396,21 +396,20 @@ function tfa_login_hash($account) { */ function tfa_page_alter() { global $user; - + // User is not logged, can bypass the requirement to setup TFA or cannot + // setup their own TFA. if (!user_is_logged_in() || user_access('bypass tfa setup', $user) || !user_access('setup own tfa')) { - // User is not logged, can bypass the requirement to setup TFA - // or cannot setup their own TFA. return; } $user_tfa = tfa_basic_get_tfa_data($user); + // TFA has been done. if (isset($user_tfa['status']) && $user_tfa['status']) { - // TFA has been done. return; } + // This is a path we won't redirect on. if (_tfa_safe_path()) { - // This is a path we won't redirect on. return; } @@ -419,31 +418,32 @@ function tfa_page_alter() { } /** - * Based on visibility setting this function. + * Helper function to decide whether we redirect or not. * * @return bool * TRUE if this page is allowed to be accessed when not bypassing TFA setup. */ function _tfa_safe_path() { - $setting_pages = variable_get('force_tfa_pages', TFA_UNFORCED_PAGES); - $force_fta_page_match = FALSE; + $setting_pages = variable_get('tfa_unforced_pages', TFA_UNFORCED_PAGES); + $force_tfa_page_match = FALSE; // Match path if necessary. if (!empty($setting_pages)) { $pages = drupal_strtolower($setting_pages); $path = drupal_strtolower(drupal_get_path_alias($_GET['q'])); - $force_fta_page_match = drupal_match_path($path, $pages); + $force_tfa_page_match = drupal_match_path($path, $pages); } - return $force_fta_page_match; + return $force_tfa_page_match; } /** - * Decide whether an account requires TFA configured. + * Helper function to decide whether an account requires TFA configured. * + * @param object $account User account. * @return bool * If TRUE, the user should be prevented from logging in. */ function _tfa_account_requires_tfa($account) { return $account->uid != 1 && user_access('require tfa', $account); -} \ No newline at end of file +}