saltyming/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2025-05-10 13:43:56 +00:00
Code Activity

Remove auth-request deletion

Browse source 
2FA is needed to login even when using login-with-device.
If the user didn't saved the 2FA token they still need to provide this.
We deleted the auth-request after validation the request, but before 2FA was triggered.

Removing the deletion of this record from that point as it will get cleaned-up automatically anyways.

Signed-off-by: BlackDex <black.dex@gmail.com>
This commit is contained in:
BlackDex 2024-11-12 15:21:58 +01:00
parent ba48ca68fc
commit 8672a979a5
No known key found for this signature in database
GPG key ID: 58C80A2AA6C765E1
1 changed files with 0 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

3
src/api/identity.rs
View file

@ -190,9 +190,6 @@ async fn _password_login(
)
};
// Delete the request after we used it
auth_request.delete(conn).await?;
if auth_request.user_uuid != user.uuid
|| !auth_request.approved.unwrap_or(false)
|| ip.ip.to_string() != auth_request.request_ip