diff options
| author | Matthew Somerville <matthew@mysociety.org> | 2019-11-04 14:55:38 +0000 |
|---|---|---|
| committer | Matthew Somerville <matthew@mysociety.org> | 2019-11-05 17:54:14 +0000 |
| commit | f3836beb9226ef7c22cefbb01673d72ce532e87c (patch) | |
| tree | 8b845ad8088ef1dc0350f2e3e2e91122232a493c /perllib/FixMyStreet/App/Controller/Auth.pm | |
| parent | 78f2bbaf9291572a86816e2ba05ec8972b0fd393 (diff) | |
Fix password reset on 2FA accounts again.
Just after fixing it, 3d593bc68 broke it again, because it took anyone
who must have 2FA switched on to the must-have-2FA sign up flow, even
if they already had 2FA set up.
Diffstat (limited to 'perllib/FixMyStreet/App/Controller/Auth.pm')
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Auth.pm | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/perllib/FixMyStreet/App/Controller/Auth.pm b/perllib/FixMyStreet/App/Controller/Auth.pm index 96ca8fdbc..8265506ab 100644 --- a/perllib/FixMyStreet/App/Controller/Auth.pm +++ b/perllib/FixMyStreet/App/Controller/Auth.pm @@ -277,8 +277,11 @@ sub process_login : Private { if FixMyStreet->config('SIGNUPS_DISABLED') && !$user->in_storage && !$data->{old_user_id}; # People using 2FA need to supply a code - $c->forward( 'token_2fa', [ $user, $url_token ] ) if $user->has_2fa; - $c->forward( 'signup_2fa', [ $user ] ) if $c->cobrand->call_hook('must_have_2fa', $user); + if ($user->has_2fa) { + $c->forward( 'token_2fa', [ $user, $url_token ] ); + } elsif ($c->cobrand->call_hook('must_have_2fa', $user)) { + $c->forward( 'signup_2fa', [ $user ] ); + } if ($data->{old_user_id}) { # Were logged in as old_user_id, want to switch to $user |