Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
/**
* @NoCSRFRequired
+ * @NoTwoFactorRequired
* @PublicPage
*
* @return DataDisplayResponse
* @param string $methodName
*/
public function beforeController($controller, $methodName) {
+ if ($this->reflector->hasAnnotation('NoTwoFactorRequired')) {
+ // Route handler explicitly marked to work without finished 2FA are
+ // not blocked
+ return;
+ }
+
if ($controller instanceof APIController && $methodName === 'poll') {
// Allow polling the twofactor nextcloud notifications state
return;