1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-28 08:20:57 +01:00
phorge-phorge/src
epriestley 587e9cea19 Always require MFA to edit contact numbers
Summary:
Depends on D20023. Ref T13222. Although I think this isn't strictly necessary from a pure security perspective (since you can't modify the primary number while you have MFA SMS), it seems like a generally good idea.

This adds a slightly new MFA mode, where we want MFA if it's available but don't strictly require it.

Test Plan: Disabled, enabled, primaried, unprimaried, and edited contact numbers. With MFA enabled, got prompted for MFA. With no MFA, no prompts.

Reviewers: amckinley

Reviewed By: amckinley

Maniphest Tasks: T13222

Differential Revision: https://secure.phabricator.com/D20024
2019-01-23 14:19:56 -08:00
..
__tests__ Use PhutilClassMapQuery instead of PhutilSymbolLoader 2015-08-14 07:49:01 +10:00
aphront Improve UI messaging around "one-shot" vs "session upgrade" MFA 2018-12-28 00:11:36 -08:00
applications Always require MFA to edit contact numbers 2019-01-23 14:19:56 -08:00
docs Update bin/auth MFA commands for the new "MFA Provider" indirection layer 2019-01-23 13:38:44 -08:00
extensions Add src/extensions/ to Phabricator 2013-08-14 15:38:06 -07:00
infrastructure Update Postmark adapter for multiple mail media 2019-01-16 13:00:34 -08:00
view Improve UI for "wait" and "answered" MFA challenges 2018-12-28 00:18:53 -08:00
__phutil_library_init__.php
__phutil_library_map__.php Always require MFA to edit contact numbers 2019-01-23 14:19:56 -08:00