summaryrefslogtreecommitdiffstats
path: root/core/Middleware
diff options
context:
space:
mode:
Diffstat (limited to 'core/Middleware')
-rw-r--r--core/Middleware/TwoFactorMiddleware.php4
1 files changed, 4 insertions, 0 deletions
diff --git a/core/Middleware/TwoFactorMiddleware.php b/core/Middleware/TwoFactorMiddleware.php
index ea25aa36ecd..bcb06d20081 100644
--- a/core/Middleware/TwoFactorMiddleware.php
+++ b/core/Middleware/TwoFactorMiddleware.php
@@ -82,6 +82,10 @@ class TwoFactorMiddleware extends Middleware {
if ($this->twoFactorManager->isTwoFactorAuthenticated($user)) {
$this->checkTwoFactor($controller, $methodName);
+ } else if ($controller instanceof TwoFactorChallengeController) {
+ // Allow access to the two-factor controllers only if two-factor authentication
+ // is in progress.
+ throw new UserAlreadyLoggedInException();
}
}
// TODO: dont check/enforce 2FA if a auth token is used