$u = DB_DataObject::factory($tbl);
$s = DB_DataObject::Factory('core_setting');
+ $oath_require = $s->lookup('core', 'two_factor_authentication_requirement');
+
if (!$u->isAuth()) {
$this->jok(array(
'id' => 0,
- 'disable_oath' => empty($s->lookup('core', 'two_factor_authentication')) ? 0 : 1
- )); // not logged in..
+ 'require_oath' => empty($oath_require) || $oath_require->val == 1 ? 1 : 0
+ ));
exit;
}
+
//die("got here?");
$au = $u->getAuthUser();
if(
!empty($u->oath_key) &&
- !$u->checkTwoFactorAuthentication($_REQUEST['oath_password'], $u->oath_key)
+ !$u->checkTwoFactorAuthentication($_REQUEST['oath_password'])
){
$this->jerror('LOGIN-BAD', 'You typed the wrong Username or Password (3)');
exit;