ThatGuyJack/nginx-proxy-manager
1
0
Fork 0
mirror of https://github.com/NginxProxyManager/nginx-proxy-manager.git synced 2026-02-18 08:32:57 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #5303 from 7heMech/fix-2fa-logout

Browse Source 
Add guardrail to fix disabling 2fa
This commit is contained in:
jc21
2026-02-16 10:27:58 +10:00
committed by GitHub
parent fcca481d1b 1d14f72ba5
commit f3c46487f6
1 changed files with 6 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
backend/internal/2fa.js
View File

@@ -161,9 +161,12 @@ const internal2fa = {
} }
const result = await verify({ const result = await verify({
token: code, token: code,
secret: auth.meta.totp_secret, secret: auth.meta.totp_secret,
}); guardrails: createGuardrails({
MIN_SECRET_BYTES: 10,
}),
});
if (!result.valid) { if (!result.valid) {
throw new errs.AuthError("Invalid verification code"); throw new errs.AuthError("Invalid verification code");