Merge pull request #25051 from owncloud/2fa-raw-php-files

Check 2FA state for raw php files too

lib/private/legacy/json.php

@@ -64,7 +64,9 @@ class OC_JSON{
 	 * @deprecated Use annotation based ACLs from the AppFramework instead
 	 */
 	public static function checkLoggedIn() {
-		if( !OC_User::isLoggedIn()) {
+		$twoFactorAuthManger = \OC::$server->getTwoFactorAuthManager();
+		if( !OC_User::isLoggedIn()
+			|| $twoFactorAuthManger->needsSecondFactor()) {
 			$l = \OC::$server->getL10N('lib');
 			http_response_code(\OCP\AppFramework\Http::STATUS_UNAUTHORIZED);
 			self::error(array( 'data' => array( 'message' => $l->t('Authentication error'), 'error' => 'authentication_error' )));

lib/private/legacy/util.php

@@ -970,6 +970,11 @@ class OC_Util {
 			);
 			exit();
 		}
+		// Redirect to index page if 2FA challenge was not solved yet
+		if (\OC::$server->getTwoFactorAuthManager()->needsSecondFactor()) {
+			header('Location: ' . \OCP\Util::linkToAbsolute('', 'index.php'));
+			exit();
+		}
 	}
 
 	/**