Browse Source
Fix 2FA for Android (#7093)
The `RecoveryCode` Type should not be sent as a valid type which can be used.
Fixes #7092
Signed-off-by: BlackDex <black.dex@gmail.com>
main
1.35.7
Mathijs van Veluw
10 hours ago
committed by
GitHub
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with
2 additions and
7 deletions
-
src/api/identity.rs
|
|
|
@ -756,13 +756,8 @@ async fn twofactor_auth( |
|
|
|
// Add TwoFactorTypes which are not stored as a record but might be enabled
|
|
|
|
// Since these types could also be not valid, we do some custom checks here
|
|
|
|
twofactor_ids.extend( |
|
|
|
[ |
|
|
|
(!CONFIG.disable_2fa_remember() && device.twofactor_remember.is_some()) |
|
|
|
.then_some(TwoFactorType::Remember as i32), |
|
|
|
user.totp_recover.is_some().then_some(TwoFactorType::RecoveryCode as i32), |
|
|
|
] |
|
|
|
.into_iter() |
|
|
|
.flatten(), |
|
|
|
(!CONFIG.disable_2fa_remember() && device.twofactor_remember.is_some()) |
|
|
|
.then_some(TwoFactorType::Remember as i32), |
|
|
|
); |
|
|
|
|
|
|
|
let selected_id = data.two_factor_provider.unwrap_or(twofactor_ids[0]); // If we aren't given a two factor provider, assume the first one
|
|
|
|
|
