2FA set up is allowed when only backup codes are set up but no other provider and no provider is failing. This patch syncs up the login controller check with the challenge controller check 10 lines above. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>tags/v24.0.0beta1
@@ -109,7 +109,7 @@ class TwoFactorMiddleware extends Middleware { | |||
&& $this->twoFactorManager->needsSecondFactor($this->userSession->getUser())) { | |||
$providers = $this->twoFactorManager->getProviderSet($this->userSession->getUser()); | |||
if ($providers->getProviders() === [] && !$providers->isProviderMissing()) { | |||
if ($providers->getPrimaryProviders() === [] && !$providers->isProviderMissing()) { | |||
return; | |||
} | |||
} |