From 1d7fc284e5863bb8f6c8aafbc3b20807bfb5e80c Mon Sep 17 00:00:00 2001
From: Richard Steinmetz <richard@steinmetz.cloud>
Date: Tue, 17 Jun 2025 21:41:09 +0200
Subject: fix: generate csrf tokens if two factor challenge is ongoing

Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
---
 core/Controller/CSRFTokenController.php | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'core/Controller')

diff --git a/core/Controller/CSRFTokenController.php b/core/Controller/CSRFTokenController.php
index 4fdd669e144..edf7c26e94c 100644
--- a/core/Controller/CSRFTokenController.php
+++ b/core/Controller/CSRFTokenController.php
@@ -34,6 +34,8 @@ class CSRFTokenController extends Controller {
 	 *
 	 * 200: CSRF token returned
 	 * 403: Strict cookie check failed
+	 *
+	 * @NoTwoFactorRequired
 	 */
 	#[PublicPage]
 	#[NoCSRFRequired]
-- 
cgit v1.2.3