Handle form submissions to login with no twofactor body field because otp moduel wants at least a string

1 year ago · 3f53c60a73
parent 69374012c3
commit 3f53c60a73
1 changed files with 1 additions and 1 deletions
--- a/models/forms/login.js
+++ b/models/forms/login.js
@ -33,7 +33,7 @@ module.exports = async (req, res) => {
 	const passwordMatch = await bcrypt.compare(password, account.passwordHash);

 	//2fA (TOTP) validation
-	const delta = await doTwoFactor(username, account.twofactor, req.body.twofactor);
+	const delta = await doTwoFactor(username, account.twofactor, req.body.twofactor || "");

 	//if password was correct and 2fa valid (if enabled)
 	if (passwordMatch === false