From a9adcd610844fb4c88163446e43a6b1df6bb5daa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Janko=20Marohni=C4=87?= Date: Sun, 17 Nov 2024 16:30:15 +0100 Subject: [PATCH] Add method that returns whether 2nd factor is not authenticated but setup --- demo-site/views/index.erb | 2 +- lib/rodauth/features/two_factor_base.rb | 19 ++++++------------- 2 files changed, 7 insertions(+), 14 deletions(-) diff --git a/demo-site/views/index.erb b/demo-site/views/index.erb index 35d18465..7c366389 100644 --- a/demo-site/views/index.erb +++ b/demo-site/views/index.erb @@ -16,7 +16,7 @@ <% if rodauth.logged_in_via_remember_key? %>
  • Confirm Password
  • <% end %> - <% if rodauth.uses_two_factor_authentication? && !rodauth.two_factor_authenticated? %> + <% if rodauth.two_factor_partially_authenticated? %>
  • Authenticate Using Additional Factor
  • <% else %>
  • Manage Multifactor Authentication
  • diff --git a/lib/rodauth/features/two_factor_base.rb b/lib/rodauth/features/two_factor_base.rb index 250845fb..5247b026 100644 --- a/lib/rodauth/features/two_factor_base.rb +++ b/lib/rodauth/features/two_factor_base.rb @@ -124,23 +124,12 @@ def two_factor_modifications_require_password? end def authenticated? - # False if not authenticated via single factor - return false unless super - - # True if already authenticated via 2nd factor - return true if two_factor_authenticated? - - # True if authenticated via single factor and 2nd factor not setup - !uses_two_factor_authentication? + super && !two_factor_partially_authenticated? end def require_authentication super - - # Avoid database query if already authenticated via 2nd factor - return if two_factor_authenticated? - - require_two_factor_authenticated if uses_two_factor_authentication? + require_two_factor_authenticated if two_factor_partially_authenticated? end def require_two_factor_setup @@ -188,6 +177,10 @@ def two_factor_password_match?(password) end end + def two_factor_partially_authenticated? + logged_in? && !two_factor_authenticated? && uses_two_factor_authentication? + end + def two_factor_authenticated? authenticated_by && authenticated_by.length >= 2 end