mirror/Part-DB.Part-DB-server
1
0
Fork 1
mirror of https://github.com/Part-DB/Part-DB-server.git synced 2025-06-27 20:28:54 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fixed problem preventing non-admins to add TOTP 2FA to their account

Browse source 
This was caused by the no-lockout constraint, which was accidentially triggered here
This commit is contained in:
Jan Böhmer 2024-10-13 20:13:03 +02:00
parent 234b5abb96
commit 49acf3e0cf
3 changed files with 5 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

3
src/Controller/UserSettingsController.php
View file

@ -330,7 +330,8 @@ class UserSettingsController extends AbstractController
}
$google_form->handleRequest($request);
if (!$this->demo_mode && !$user->isSamlUser() && $google_form->isSubmitted() && $google_form->isValid()) {
//We do not need to check for validity of the google form here, because we do not care if the other fields are valid
if (!$this->demo_mode && !$user->isSamlUser() && $google_form->isSubmitted()) {
if (!$google_enabled) {
//Save 2FA settings (save secrets)
$user->setGoogleAuthenticatorSecret($google_form->get('googleAuthenticatorSecret')->getData());