From 78af158c306fc7d71b33b6085a2a09ccef913a6f Mon Sep 17 00:00:00 2001
From: TrojanerHD
Date: Sat, 24 Feb 2024 02:15:49 +0100
Subject: [PATCH] fix(backend): only check for 2fa if it was enabled fix(backend): don't reject logins where 2fa is disabled and security keys are available
---
 packages/backend/src/server/api/private/signin.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/packages/backend/src/server/api/private/signin.ts b/packages/backend/src/server/api/private/signin.ts
index 23ec32df5..039febfe6 100644
--- a/packages/backend/src/server/api/private/signin.ts
+++ b/packages/backend/src/server/api/private/signin.ts
@@ -116,7 +116,7 @@ export default async (ctx: Koa.Context) => {
 );
 }

- if (!profile.twoFactorEnabled) {
+ if (!profile.twoFactorEnabled && !profile.securityKeysAvailable) {
 if (same) {
 signin(ctx, user);
 return;
@@ -128,7 +128,7 @@ export default async (ctx: Koa.Context) => {
 }
 }

- if (token) {
+ if (token && profile.twoFactorEnabled) {
 if (!same) {
 await fail(403, {
 id: "932c904e-9460-45b7-9ce6-7ed33be7eb2c",
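Review bot: With both conditions changed, an account that has `twoFactorEnabled` false and `securityKeysAvailable` true now skips the password-only branch in the first hunk and also skips the `token` branch in the second hunk, so the `!same` rejection visible there no longer runs for it. What such a request reaches next is outside the hunks (the handler continues past both), so it should be confirmed that every remaining path either verifies a security-key assertion or fails closed, and that none calls `signin(ctx, user)` on a wrong password or on a bare `token`. A comment at the first condition would make the intent explicit, e.g. `// 2FA off but security keys registered: handled by the security-key branches below, never by password alone`. A regression test for that combination (2FA off, keys registered, wrong password, with and without `token`) would pin the behaviour.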