Merge pull request #14314 from nextcloud/enh/save_query

No need to check 2fa state on apptoken logins
author: Morris Jobke <hey@morrisjobke.de> 2019-02-25 21:27:13 +0100
committer: GitHub <noreply@github.com> 2019-02-25 21:27:13 +0100
commit: ea6ba53cc052a5007178d32ad2039ef7e4c9a9d4 (patch)
tree: c83181cd5839d69c288d73e7f325bd7f2fede209 /core
parent: ee5e76780174331f3447d6bea4f4c55f1e0cfef6 (diff)
parent: 8c778827941ecbd08daf8108fba056a05b85e309 (diff)
download: nextcloud-server-ea6ba53cc052a5007178d32ad2039ef7e4c9a9d4.tar.gz
nextcloud-server-ea6ba53cc052a5007178d32ad2039ef7e4c9a9d4.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/core/Middleware/TwoFactorMiddleware.php b/core/Middleware/TwoFactorMiddleware.php
index d3811f7d27e..167545b0df9 100644
--- a/core/Middleware/TwoFactorMiddleware.php
+++ b/core/Middleware/TwoFactorMiddleware.php
@@ -95,7 +95,8 @@ class TwoFactorMiddleware extends Middleware {
 		if ($this->userSession->isLoggedIn()) {
 			$user = $this->userSession->getUser();
 
-			if ($this->twoFactorManager->isTwoFactorAuthenticated($user)) {
+
+			if ($this->session->exists('app_password') || $this->twoFactorManager->isTwoFactorAuthenticated($user)) {
 				$this->checkTwoFactor($controller, $methodName, $user);
 			} else if ($controller instanceof TwoFactorChallengeController) {
 				// Allow access to the two-factor controllers only if two-factor authentication
author	Morris Jobke <hey@morrisjobke.de>	2019-02-25 21:27:13 +0100
committer	GitHub <noreply@github.com>	2019-02-25 21:27:13 +0100
commit	ea6ba53cc052a5007178d32ad2039ef7e4c9a9d4 (patch)
tree	c83181cd5839d69c288d73e7f325bd7f2fede209 /core
parent	ee5e76780174331f3447d6bea4f4c55f1e0cfef6 (diff)
parent	8c778827941ecbd08daf8108fba056a05b85e309 (diff)
download	nextcloud-server-ea6ba53cc052a5007178d32ad2039ef7e4c9a9d4.tar.gz nextcloud-server-ea6ba53cc052a5007178d32ad2039ef7e4c9a9d4.zip