TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-12-12 14:54:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

consider idp to be a valid mfa

Browse Source
This commit is contained in:
Max Peintner
2024-12-16 11:42:57 +01:00
parent 53c0892614
commit 01b7d47551
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
apps/login/src/app/login/route.ts
View File

@@ -109,9 +109,10 @@ async function isSessionValid(session: Session): Promise<boolean> {
const otpSms = session.factors.otpSms?.verifiedAt; const otpSms = session.factors.otpSms?.verifiedAt;
const totp = session.factors.totp?.verifiedAt; const totp = session.factors.totp?.verifiedAt;
const webAuthN = session.factors.webAuthN?.verifiedAt; const webAuthN = session.factors.webAuthN?.verifiedAt;
const idp = session.factors.intent?.verifiedAt; // TODO: forceMFA should not consider this as valid factor
// must have one single check // must have one single check
mfaValid = !!(otpEmail || otpSms || totp || webAuthN); mfaValid = !!(otpEmail || otpSms || totp || webAuthN || idp);
if (!mfaValid) { if (!mfaValid) {
console.warn("Session has no valid multifactor", session.factors); console.warn("Session has no valid multifactor", session.factors);
} }
@@ -207,6 +208,8 @@ export async function GET(request: NextRequest) {
const isValid = await isSessionValid(selectedSession); const isValid = await isSessionValid(selectedSession);
console.log("Session is valid:", isValid);
if (!isValid && selectedSession.factors?.user) { if (!isValid && selectedSession.factors?.user) {
// if the session is not valid anymore, we need to redirect the user to re-authenticate // if the session is not valid anymore, we need to redirect the user to re-authenticate
const command: SendLoginnameCommand = { const command: SendLoginnameCommand = {