diff --git a/demo-site/views/index.erb b/demo-site/views/index.erb
index 35d18465..47a1653e 100644
--- a/demo-site/views/index.erb
+++ b/demo-site/views/index.erb
@@ -16,10 +16,10 @@
<% if rodauth.logged_in_via_remember_key? %>
Confirm Password
<% end %>
- <% if rodauth.uses_two_factor_authentication? && !rodauth.two_factor_authenticated? %>
- Authenticate Using Additional Factor
- <% else %>
+ <% if rodauth.two_factor_authentication_satisfied? %>
Manage Multifactor Authentication
+ <% else %>
+ Authenticate Using Additional Factor
<% end %>
<% else %>
diff --git a/lib/rodauth/features/two_factor_base.rb b/lib/rodauth/features/two_factor_base.rb
index 250845fb..75721214 100644
--- a/lib/rodauth/features/two_factor_base.rb
+++ b/lib/rodauth/features/two_factor_base.rb
@@ -124,23 +124,12 @@ def two_factor_modifications_require_password?
end
def authenticated?
- # False if not authenticated via single factor
- return false unless super
-
- # True if already authenticated via 2nd factor
- return true if two_factor_authenticated?
-
- # True if authenticated via single factor and 2nd factor not setup
- !uses_two_factor_authentication?
+ super && two_factor_authentication_satisfied?
end
def require_authentication
super
-
- # Avoid database query if already authenticated via 2nd factor
- return if two_factor_authenticated?
-
- require_two_factor_authenticated if uses_two_factor_authentication?
+ require_two_factor_authenticated unless two_factor_authentication_satisfied?
end
def require_two_factor_setup
@@ -188,6 +177,10 @@ def two_factor_password_match?(password)
end
end
+ def two_factor_authentication_satisfied?
+ two_factor_authenticated? || !uses_two_factor_authentication?
+ end
+
def two_factor_authenticated?
authenticated_by && authenticated_by.length >= 2
end