From ad6530b914af64de7fd564c06218ecd940e389c3 Mon Sep 17 00:00:00 2001 From: Marcel de Rooy Date: Mon, 12 Sep 2022 09:02:21 +0000 Subject: [PATCH] Bug 30588: (QA follow-up) Clear waiting-for-2FA-setup in session If we do not clear this session, the first login directly after setup does not really enhances user experience ;) Test plan: Make sure 2FA is enforced. Test the above. Disable your 2FA, logout and login. Verify that you can access pages with this patch now. Without this patch you could not. Run these tests to provide more confidence: t/db_dependent/Auth.t t/db_dependent/api/v1/two_factor_auth.t t/db_dependent/Koha/Auth/TwoFactorAuth.t Signed-off-by: Marcel de Rooy Signed-off-by: Nick Clemens Signed-off-by: Tomas Cohen Arazi --- C4/Auth.pm | 1 + 1 file changed, 1 insertion(+) diff --git a/C4/Auth.pm b/C4/Auth.pm index 843079f13f..2aa2a20774 100644 --- a/C4/Auth.pm +++ b/C4/Auth.pm @@ -875,6 +875,7 @@ sub checkauth { # The token is correct, the user is fully logged in! $auth_state = 'completed'; $session->param( 'waiting-for-2FA', 0 ); + $session->param( 'waiting-for-2FA-setup', 0 ); # This is an ugly trick to pass the test # $query->param('koha_login_context') && ( $q_userid ne $userid ) -- 2.39.5