Spiegel von
https://github.com/dani-garcia/vaultwarden.git
synchronisiert 2024-11-21 05:00:28 +01:00
Remove auth-request deletion (#5184)
2FA is needed to login even when using login-with-device. If the user didn't saved the 2FA token they still need to provide this. We deleted the auth-request after validation the request, but before 2FA was triggered. Removing the deletion of this record from that point as it will get cleaned-up automatically anyways. Signed-off-by: BlackDex <black.dex@gmail.com>
Dieser Commit ist enthalten in:
Ursprung
ba48ca68fc
Commit
e927b8aa5e
1 geänderte Dateien mit 0 neuen und 3 gelöschten Zeilen
|
@ -190,9 +190,6 @@ async fn _password_login(
|
||||||
)
|
)
|
||||||
};
|
};
|
||||||
|
|
||||||
// Delete the request after we used it
|
|
||||||
auth_request.delete(conn).await?;
|
|
||||||
|
|
||||||
if auth_request.user_uuid != user.uuid
|
if auth_request.user_uuid != user.uuid
|
||||||
|| !auth_request.approved.unwrap_or(false)
|
|| !auth_request.approved.unwrap_or(false)
|
||||||
|| ip.ip.to_string() != auth_request.request_ip
|
|| ip.ip.to_string() != auth_request.request_ip
|
||||||
|
|
Laden …
In neuem Issue referenzieren