Fixed 2FA TOTP for non-admins, while also retaining validation of auth code

This fixes issue #717

src/Controller/UserSettingsController.php

@@ -331,7 +331,7 @@ class UserSettingsController extends AbstractController
         $google_form->handleRequest($request);
 
         //We do not need to check for validity of the google form here, because we do not care if the other fields are valid
-        if (!$this->demo_mode && !$user->isSamlUser() && $google_form->isSubmitted()) {
+        if (!$this->demo_mode && !$user->isSamlUser() && $google_form->isSubmitted() && $google_form->isValid()) {
             if (!$google_enabled) {
                 //Save 2FA settings (save secrets)
                 $user->setGoogleAuthenticatorSecret($google_form->get('googleAuthenticatorSecret')->getData());

src/Form/TFAGoogleSettingsType.php

@@ -60,7 +60,7 @@ class TFAGoogleSettingsType extends AbstractType
                             'pattern' => '\d*',
                             'autocomplete' => 'off',
                         ],
-                        'constraints' => [new ValidGoogleAuthCode()],
+                        'constraints' => [new ValidGoogleAuthCode(groups: ["google_authenticator"])],
                     ]
                 );
 
@@ -92,6 +92,7 @@ class TFAGoogleSettingsType extends AbstractType
     {
         $resolver->setDefaults([
             'data_class' => User::class,
+            'validation_groups' => ['google_authenticator'],
         ]);
     }
 }