if (!$u->isAuth()) {
$this->jok(array(
'id' => 0,
- 'require_oath' => $require_oath_val
+ 'require_oath' => 0
));
exit;
}
}
if(
- !empty($u->oath_key) &&
+ !empty($u->oath_key) &&
+ empty($_REQUEST['oath_password']) &&
!$u->checkTwoFactorAuthentication($_REQUEST['oath_password'])
){
$this->jerror('LOGIN-BAD', 'You typed the wrong Username or Password (3)');