Fix login with multiple two-factor options
This commit is contained in:
parent
45a633cb33
commit
50987f7626
|
@ -25,21 +25,29 @@ func PerformSecondFactor(resp *TwoFactorResponse, cfg *config.Config) (TwoFactor
|
||||||
|
|
||||||
result, err := Fido2TwoFactor(chall, creds, cfg)
|
result, err := Fido2TwoFactor(chall, creds, cfg)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return WebAuthn, nil, err
|
twofactorLog.Error("Error during FIDO2 two-factor authentication: %s", err)
|
||||||
}
|
//return WebAuthn, nil, err
|
||||||
|
} else {
|
||||||
return WebAuthn, []byte(result), err
|
return WebAuthn, []byte(result), err
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
twofactorLog.Warn("WebAuthn is enabled for the account but goldwarden is not compiled with FIDO2 support")
|
twofactorLog.Warn("WebAuthn is enabled for the account but goldwarden is not compiled with FIDO2 support")
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if _, isInMap := resp.TwoFactorProviders2[Authenticator]; isInMap {
|
if _, isInMap := resp.TwoFactorProviders2[Authenticator]; isInMap {
|
||||||
token, err := pinentry.GetPassword("Authenticator Second Factor", "Enter your two-factor auth code")
|
token, err := pinentry.GetPassword("Authenticator Second Factor", "Enter your two-factor auth code")
|
||||||
|
if err != nil {
|
||||||
|
twofactorLog.Error("Error during authenticator two-factor authentication: %s", err)
|
||||||
|
} else {
|
||||||
return Authenticator, []byte(token), err
|
return Authenticator, []byte(token), err
|
||||||
}
|
}
|
||||||
|
}
|
||||||
if _, isInMap := resp.TwoFactorProviders2[Email]; isInMap {
|
if _, isInMap := resp.TwoFactorProviders2[Email]; isInMap {
|
||||||
token, err := pinentry.GetPassword("Email Second Factor", "Enter your two-factor auth code")
|
token, err := pinentry.GetPassword("Email Second Factor", "Enter your two-factor auth code")
|
||||||
|
if err == nil {
|
||||||
return Email, []byte(token), err
|
return Email, []byte(token), err
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return Authenticator, []byte{}, errors.New("no second factor available")
|
return Authenticator, []byte{}, errors.New("no second factor available")
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue