block OCS if 2FA challenge needs to be solved first
This commit is contained in:
parent
7b4459d28d
commit
3ec6f4e165
|
@ -341,6 +341,10 @@ class OC_API {
|
|||
// reuse existing login
|
||||
$loggedIn = \OC::$server->getUserSession()->isLoggedIn();
|
||||
if ($loggedIn === true) {
|
||||
if (\OC::$server->getTwoFactorAuthManager()->needsSecondFactor()) {
|
||||
// Do not allow access to OCS until the 2FA challenge was solved successfully
|
||||
return false;
|
||||
}
|
||||
$ocsApiRequest = isset($_SERVER['HTTP_OCS_APIREQUEST']) ? $_SERVER['HTTP_OCS_APIREQUEST'] === 'true' : false;
|
||||
if ($ocsApiRequest) {
|
||||
|
||||
|
|
Loading…
Reference in New Issue