clean settings fetch

2025-12-12 02:02:23 +00:00 · 2024-12-12 17:52:41 +01:00
parent 911edd39b0
commit 8dc0e14f13
3 changed files with 7 additions and 7 deletions
--- a/apps/login/src/app/(login)/password/change/page.tsx
+++ b/apps/login/src/app/(login)/password/change/page.tsx
@@ -70,7 +70,6 @@ export default async function Page(props: {
            authRequestId={authRequestId}
            organization={organization}
            passwordComplexitySettings={passwordComplexity}
-            loginSettings={loginSettings}
          />
        ) : (
          <div className="py-4">
--- a/apps/login/src/components/change-password-form.tsx
+++ b/apps/login/src/components/change-password-form.tsx
@@ -10,7 +10,6 @@ import { sendPassword } from "@/lib/server/password";
 import { checkSessionAndSetPassword } from "@/lib/zitadel";
 import { create } from "@zitadel/client";
 import { ChecksSchema } from "@zitadel/proto/zitadel/session/v2/session_service_pb";
-import { LoginSettings } from "@zitadel/proto/zitadel/settings/v2/login_settings_pb";
 import { PasswordComplexitySettings } from "@zitadel/proto/zitadel/settings/v2/password_settings_pb";
 import { useTranslations } from "next-intl";
 import { useRouter } from "next/navigation";
@@ -32,7 +31,6 @@ type Inputs =

 type Props = {
  passwordComplexitySettings: PasswordComplexitySettings;
-  loginSettings?: LoginSettings;
  sessionId: string;
  loginName: string;
  authRequestId?: string;
@@ -41,7 +39,6 @@ type Props = {

 export function ChangePasswordForm({
  passwordComplexitySettings,
-  loginSettings,
  sessionId,
  loginName,
  authRequestId,
@@ -67,7 +64,6 @@ export function ChangePasswordForm({
    const changeResponse = checkSessionAndSetPassword({
      sessionId,
      password: values.password,
-      forceMfa: !!(loginSettings?.forceMfa || loginSettings?.forceMfaLocalOnly),
    })
      .catch(() => {
        setError("Could not change password");
--- a/apps/login/src/lib/zitadel.ts
+++ b/apps/login/src/lib/zitadel.ts
@@ -587,13 +587,11 @@ export async function setPassword(
 type CheckSessionAndSetPasswordCommand = {
  sessionId: string;
  password: string;
-  forceMfa: boolean;
 };

 export async function checkSessionAndSetPassword({
  sessionId,
  password,
-  forceMfa,
 }: CheckSessionAndSetPasswordCommand) {
  const sessionCookie = await getSessionCookieById({ sessionId });

@@ -633,6 +631,13 @@ export async function checkSessionAndSetPassword({
    (method) => !authmethods.authMethodTypes.includes(method),
  );

+  const loginSettings = await getLoginSettings(
+    session.factors.user.organizationId,
+  );
+  const forceMfa = !!(
+    loginSettings?.forceMfa || loginSettings?.forceMfaLocalOnly
+  );
+
  // if the user has no MFA but MFA is enforced, we can set a password otherwise we use the token of the user
  if (forceMfa && hasNoMFAMethods) {
    return userService.setPassword(payload, {}).catch((error) => {