AC-9797: 2FA functionality enhancement

Rizwan Khan · Rizwan Khan · commit 83a5728221df · 2024-05-24T12:17:26.000+05:30
diff --git a/TwoFactorAuth/Controller/Adminhtml/Authy/Authpost.php b/TwoFactorAuth/Controller/Adminhtml/Authy/Authpost.php
@@ -21,6 +21,7 @@
 use Magento\User\Model\User;
 use Magento\Framework\App\Config\ScopeConfigInterface;
 use Magento\User\Model\ResourceModel\User as UserResource;
+use Magento\Framework\App\ObjectManager;
 
 /**
  * @SuppressWarnings(PHPMD.CamelCaseMethodName)
@@ -80,7 +81,7 @@ class Authpost extends AbstractAction implements HttpPostActionInterface
     /**
      * @var UserResource
      */
-    protected $userResource;
+    private $userResource;
 
     /**
      * @param Action\Context $context
@@ -91,8 +92,8 @@ class Authpost extends AbstractAction implements HttpPostActionInterface
      * @param TfaInterface $tfa
      * @param AlertInterface $alert
      * @param DataObjectFactory $dataObjectFactory
-     * @param UserResource $userResource
-     * @param ScopeConfigInterface $scopeConfig
+     * @param UserResource|null $userResource
+     * @param ScopeConfigInterface|null $scopeConfig
      * @SuppressWarnings(PHPMD.ExcessiveParameterList)
      */
     public function __construct(
@@ -104,8 +105,8 @@ public function __construct(
         TfaInterface $tfa,
         AlertInterface $alert,
         DataObjectFactory $dataObjectFactory,
-        UserResource $userResource,
-        ScopeConfigInterface $scopeConfig
+        ?UserResource $userResource = null,
+        ?ScopeConfigInterface $scopeConfig = null
     ) {
         parent::__construct($context);
         $this->tfa = $tfa;
@@ -115,8 +116,8 @@ public function __construct(
         $this->authy = $authy;
         $this->dataObjectFactory = $dataObjectFactory;
         $this->alert = $alert;
-        $this->userResource = $userResource;
-        $this->scopeConfig = $scopeConfig;
+        $this->scopeConfig = $scopeConfig ?? ObjectManager::getInstance()->get(ScopeConfigInterface::class);
+        $this->userResource = $userResource ?? ObjectManager::getInstance()->get(UserResource::class);
     }
 
     /**
@@ -140,7 +141,7 @@ public function execute()
         try {
             if (!$this->allowApiRetries()) { //locked the user
                 $lockThreshold = $this->scopeConfig->getValue(self::XML_PATH_2FA_LOCK_EXPIRE);
-                if ($this->userResource->lock($user->getId(), 0, $lockThreshold)) {
+                if ($this->userResource->lock((int)$user->getId(), 0, $lockThreshold)) {
                     $result->setData(['success' => false, 'message' => "Your account is temporarily disabled."]);
                     return $result;
                 }
diff --git a/TwoFactorAuth/Controller/Adminhtml/Google/Authpost.php b/TwoFactorAuth/Controller/Adminhtml/Google/Authpost.php
@@ -21,6 +21,7 @@
 use Magento\User\Model\User;
 use Magento\Framework\App\Config\ScopeConfigInterface;
 use Magento\User\Model\ResourceModel\User as UserResource;
+use Magento\Framework\App\ObjectManager;
 
 /**
  * Google authenticator post controller
@@ -92,8 +93,8 @@ class Authpost extends AbstractAction implements HttpPostActionInterface
      * @param TfaInterface $tfa
      * @param AlertInterface $alert
      * @param DataObjectFactory $dataObjectFactory
-     * @param UserResource $userResource
-     * @param ScopeConfigInterface $scopeConfig
+     * @param UserResource|null $userResource
+     * @param ScopeConfigInterface|null $scopeConfig
      * @SuppressWarnings(PHPMD.ExcessiveParameterList)
      */
     public function __construct(
@@ -105,8 +106,8 @@ public function __construct(
         TfaInterface $tfa,
         AlertInterface $alert,
         DataObjectFactory $dataObjectFactory,
-        UserResource $userResource,
-        ScopeConfigInterface $scopeConfig
+        ?UserResource $userResource = null,
+        ?ScopeConfigInterface $scopeConfig = null
     ) {
         parent::__construct($context);
         $this->tfa = $tfa;
@@ -116,8 +117,8 @@ public function __construct(
         $this->tfaSession = $tfaSession;
         $this->dataObjectFactory = $dataObjectFactory;
         $this->alert = $alert;
-        $this->userResource = $userResource;
-        $this->scopeConfig = $scopeConfig;
+        $this->scopeConfig = $scopeConfig ?? ObjectManager::getInstance()->get(ScopeConfigInterface::class);
+        $this->userResource = $userResource ?? ObjectManager::getInstance()->get(UserResource::class);
     }
 
     /**
@@ -134,7 +135,7 @@ public function execute()
 
         if (!$this->allowApiRetries()) { //locked the user
             $lockThreshold = $this->scopeConfig->getValue(self::XML_PATH_2FA_LOCK_EXPIRE);
-            if ($this->userResource->lock($user->getId(), 0, $lockThreshold)) {
+            if ($this->userResource->lock((int)$user->getId(), 0, $lockThreshold)) {
                 $response->setData(['success' => false, 'message' => "Your account is temporarily disabled."]);
                 return $response;
             }
