mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

No need to check 2fa state on apptoken logins 

If you login with an apptoken there is no need to check 2FA state as
this does not apply to apptokens. Not checking saves us a query on each
request made from a client.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This commit is contained in:
Roeland Jago Douma 2019-02-20 17:40:40 +01:00
parent beba182248
commit 8c77882794
No known key found for this signature in database
GPG Key ID: F941078878347C0C
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
core/Middleware/TwoFactorMiddleware.php
View File

@ -95,7 +95,8 @@ class TwoFactorMiddleware extends Middleware {
if ($this->userSession->isLoggedIn()) {
$user = $this->userSession->getUser();
if ($this->twoFactorManager->isTwoFactorAuthenticated($user)) {
if ($this->session->exists('app_password') || $this->twoFactorManager->isTwoFactorAuthenticated($user)) {
$this->checkTwoFactor($controller, $methodName, $user);
} else if ($controller instanceof TwoFactorChallengeController) {
// Allow access to the two-factor controllers only if two-factor authentication