ARCG/ARCG-Remote-Station-Software
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

allow OTP login for all users when plugin is active

Browse Source 
Treat requested OTP auth as globally available whenever an OTP auth method plugin is enabled, independent of per-user enabledAuthMethods. This keeps OTP usable for all users without requiring per-user method toggles.
This commit is contained in:
OE6DXD
2026-03-16 13:42:13 +01:00
parent 7465c63b97
commit 8382bc7ae9
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
server/index.js
View File

@@ -2047,6 +2047,12 @@ function preferredAuthMethodId(methods) {
function resolveAuthMethodForUser(user, requestedMethodId) { function resolveAuthMethodForUser(user, requestedMethodId) {
const all = listPublicAuthMethods(); const all = listPublicAuthMethods();
if (requestedMethodId) {
const requestedPublic = all.find((entry) => entry.id === requestedMethodId) || null;
if (requestedPublic && requestedPublic.type === "otp") {
return requestedPublic;
}
}
const enabledSet = new Set(Array.isArray(user.enabledAuthMethods) ? user.enabledAuthMethods : []); const enabledSet = new Set(Array.isArray(user.enabledAuthMethods) ? user.enabledAuthMethods : []);
const allowed = all.filter((entry) => enabledSet.has(entry.id)); const allowed = all.filter((entry) => enabledSet.has(entry.id));
if (allowed.length === 0) { if (allowed.length === 0) {