Added 2FA to Delete:

tjlytle · tjlytle · commit c25e6d0b9fd1 · 2016-01-08T10:23:55.000-05:00
- Storing item ID in $_SESSION until successful verification.
- Checking for verify prompt on main app controller.
diff --git a/module/Todo/src/AppController.php b/module/Todo/src/AppController.php
@@ -11,6 +11,8 @@
 
 class AppController extends AbstractActionController
 {
+    use VerifyTrait;
+
     const PARSE_CLASS = 'ToDo';
 
     /**
@@ -43,6 +45,10 @@ public function dispatch(Request $request, Response $response = null)
      */
     public function indexAction()
     {
+        if($view = $this->showVerifyIfNeeded()){
+            return $view;
+        }
+
         $query = new ParseQuery(self::PARSE_CLASS);
         $query->equalTo('user', $this->user);
 
@@ -86,12 +92,22 @@ public function deleteAction()
             return; //nothing to do
         }
 
-        $query = new ParseQuery(self::PARSE_CLASS);
-        try {
-            $item = $query->get($this->request->getPost('id'));
-            $item->destroy();
-        } catch (ParseException $e) {
-            $this->flashMessenger()->addErrorMessage($e->getMessage());
+        if(!$this->request->getPost('code')){
+            $_SESSION['todo']['delete'] = $this->request->getPost('id');
+            $this->startVerification($this->user->get('phoneNumber'), '/app/delete');
+            $this->redirect()->toRoute('app');
+        }
+
+        $code = $this->request->getPost('code');
+        if($this->checkCode($code)){
+            $query = new ParseQuery(self::PARSE_CLASS);
+            try {
+                $item = $query->get($_SESSION['todo']['delete']);
+                $item->destroy();
+                $_SESSION['todo']['delete'] = null;
+            } catch (ParseException $e) {
+                $this->flashMessenger()->addErrorMessage($e->getMessage());
+            }
         }
 
         $this->redirect()->toRoute('app');
