Do not let login message clobber MFA
This commit is contained in:
garrettmills
parent
f1bd6e1ad4
commit
c7f6172d56
@ -608,7 +608,7 @@ class AuthController extends Controller {
|
|||||||
// If there are login messages, show those
|
// If there are login messages, show those
|
||||||
const LoginMessage = this.models.get('LoginMessage')
|
const LoginMessage = this.models.get('LoginMessage')
|
||||||
const messages = await LoginMessage.for_user(user)
|
const messages = await LoginMessage.for_user(user)
|
||||||
if ( messages.length > 0 ) {
|
if ( !req.trap.has_trap('mfa_challenge') && messages.length > 0 ) {
|
||||||
await req.trap.begin('login_message', { session_only: true })
|
await req.trap.begin('login_message', { session_only: true })
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -688,8 +688,18 @@ class AuthController extends Controller {
|
|||||||
if ( is_valid ) {
|
if ( is_valid ) {
|
||||||
if ( req.trap.has_trap('mfa_challenge') )
|
if ( req.trap.has_trap('mfa_challenge') )
|
||||||
await req.trap.end()
|
await req.trap.end()
|
||||||
|
|
||||||
|
// If there are login messages, show those
|
||||||
|
const LoginMessage = this.models.get('LoginMessage')
|
||||||
|
const messages = await LoginMessage.for_user(req.user)
|
||||||
|
if ( messages.length > 0 ) {
|
||||||
|
await req.trap.begin('login_message', { session_only: true })
|
||||||
|
}
|
||||||
|
|
||||||
next_destination = req.session.auth.flow || this.configs.get('auth.default_login_route')
|
next_destination = req.session.auth.flow || this.configs.get('auth.default_login_route')
|
||||||
delete req.session.auth.flow
|
|
||||||
|
if ( messages.length < 1 )
|
||||||
|
delete req.session.auth.flow
|
||||||
}
|
}
|
||||||
|
|
||||||
req.session.mfa_remember = true
|
req.session.mfa_remember = true
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user