fix(web): use a distinct salt for TOTP authentication

If TOTP is enabled for a user, it will be disabled until the user configure it again, which will generate a new private salt.
2026-05-22 11:55:24 +00:00 · 2021-10-15 16:11:24 -04:00
parent ba86b0fd11
commit d4da1facf9
11 changed files with 115 additions and 35 deletions
@@ -44,6 +44,11 @@
          if (data.totpmissingkey) {
            vm.loginState = 'totpcode';
          }
+          else if (data.totpdisabled) {
+            vm.loginState = 'totpdisabled';
+            vm.cn = data.cn;
+            vm.url = data.url;
+          }
          else {
            vm.loginState = 'logged';
            vm.cn = data.cn;