summaryrefslogtreecommitdiff
path: root/packages/backend/src/server/api/SigninApiService.ts
diff options
context:
space:
mode:
Diffstat (limited to 'packages/backend/src/server/api/SigninApiService.ts')
-rw-r--r--packages/backend/src/server/api/SigninApiService.ts7
1 files changed, 7 insertions, 0 deletions
diff --git a/packages/backend/src/server/api/SigninApiService.ts b/packages/backend/src/server/api/SigninApiService.ts
index d68b2617e3..58a5cca4fc 100644
--- a/packages/backend/src/server/api/SigninApiService.ts
+++ b/packages/backend/src/server/api/SigninApiService.ts
@@ -160,6 +160,13 @@ export class SigninApiService {
});
}
+ if (profile.twoFactorBackupSecret?.includes(token)) {
+ await this.userProfilesRepository.update({ userId: profile.userId }, {
+ twoFactorBackupSecret: profile.twoFactorBackupSecret.filter((secret) => secret !== token),
+ });
+ return this.signinService.signin(request, reply, user);
+ }
+
const delta = OTPAuth.TOTP.validate({
secret: OTPAuth.Secret.fromBase32(profile.twoFactorSecret!),
digits: 6,
generated by cgit v1.2.3-freya (git 2.53.0.84.g453e7b744a) at 2026-04-20 14:52:50 +0000