wip - catch decrypt fatal. need to ensure good UX

WordPress · Oct 25, 2022 · c30cd36 · c30cd36
1 parent 4ddc28f
commit c30cd36
Showing 1 changed file with 11 additions and 1 deletion.
diff --git a/providers/class-two-factor-totp.php b/providers/class-two-factor-totp.php
@@ -274,7 +274,17 @@ public function get_user_totp_key( $user_id ) {
 			$user_meta_value = self::encrypt( $user_meta_value, $user_id );
 			update_user_meta( $user_id, self::SECRET_META_KEY, $user_meta_value );
 		}
-		return self::decrypt( $user_meta_value, $user_id );
+
+		try {
+			$decrypted = self::decrypt( $user_meta_value, $user_id );
+		} catch ( RuntimeException $exception ) {
+			$decrypted = '';
+			// todo this is probably wrong.
+			// er maybe not
+			// means that the salt changed, and they need to rotate
+		}
+
+		return $decrypted;
 	}
 
 	/**