aboutsummaryrefslogtreecommitdiffstats
path: root/perllib
diff options
context:
space:
mode:
Diffstat (limited to 'perllib')
-rw-r--r--perllib/Catalyst/Authentication/Credential/2FA.pm4
-rw-r--r--perllib/FixMyStreet/App/Controller/Auth.pm11
2 files changed, 10 insertions, 5 deletions
diff --git a/perllib/Catalyst/Authentication/Credential/2FA.pm b/perllib/Catalyst/Authentication/Credential/2FA.pm
index 3f59ada06..f77f56bea 100644
--- a/perllib/Catalyst/Authentication/Credential/2FA.pm
+++ b/perllib/Catalyst/Authentication/Credential/2FA.pm
@@ -23,7 +23,9 @@ sub authenticate {
if (ref($user_obj)) {
# We don't care unless user has a 2FA secret, or the cobrand mandates it
- return $user_obj unless $user_obj->has_2fa || $c->cobrand->call_hook('must_have_2fa', $user_obj);
+ # We also don't care if the cobrand says we don't
+ my $must_have_2fa = $c->cobrand->call_hook('must_have_2fa', $user_obj) || '';
+ return $user_obj if $must_have_2fa eq 'skip' || !($user_obj->has_2fa || $must_have_2fa);
$c->stash->{token} = $c->get_param('token');
diff --git a/perllib/FixMyStreet/App/Controller/Auth.pm b/perllib/FixMyStreet/App/Controller/Auth.pm
index 6badbf518..cecfa318c 100644
--- a/perllib/FixMyStreet/App/Controller/Auth.pm
+++ b/perllib/FixMyStreet/App/Controller/Auth.pm
@@ -277,10 +277,13 @@ sub process_login : Private {
if FixMyStreet->config('SIGNUPS_DISABLED') && !$user->in_storage && !$data->{old_user_id};
# People using 2FA need to supply a code
- if ($user->has_2fa) {
- $c->forward( 'token_2fa', [ $user, $url_token ] );
- } elsif ($c->cobrand->call_hook('must_have_2fa', $user)) {
- $c->forward( 'signup_2fa', [ $user ] );
+ my $must_have_2fa = $c->cobrand->call_hook('must_have_2fa', $user) || '';
+ if ($must_have_2fa ne 'skip') {
+ if ($user->has_2fa) {
+ $c->forward( 'token_2fa', [ $user, $url_token ] );
+ } elsif ($c->cobrand->call_hook('must_have_2fa', $user)) {
+ $c->forward( 'signup_2fa', [ $user ] );
+ }
}
if ($data->{old_user_id}) {