RPJosh
/
authelia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[BUGFIX] 2FA after 1FA only when necessary for access to target (#881) 

* prevents requirement to always 2FA if the user doesn't have permission to access a target URL
pull/882/head
James Elliott 2020-04-19 21:45:46 +10:00 committed by GitHub
parent 4b664cf15f
commit e72c653f6e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
internal/handlers/response.go
View File

@ -34,8 +34,8 @@ func Handle1FAResponse(ctx *middlewares.AutheliaCtx, targetURI string, username
ctx.Logger.Debugf("Required level for the URL %s is %d", targetURI, requiredLevel) ctx.Logger.Debugf("Required level for the URL %s is %d", targetURI, requiredLevel)
if requiredLevel > authorization.OneFactor { if requiredLevel == authorization.TwoFactor {
ctx.Logger.Warnf("%s requires more than 1FA, cannot be redirected to", targetURI) ctx.Logger.Warnf("%s requires 2FA, cannot be redirected yet", targetURI)
ctx.ReplyOK() ctx.ReplyOK()
return return
} }