Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/nextcloud/server.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--core/Controller/OCJSController.php1
-rw-r--r--core/Middleware/TwoFactorMiddleware.php6
2 files changed, 7 insertions, 0 deletions
diff --git a/core/Controller/OCJSController.php b/core/Controller/OCJSController.php
index 71f0941b46c..379b08bf22e 100644
--- a/core/Controller/OCJSController.php
+++ b/core/Controller/OCJSController.php
@@ -98,6 +98,7 @@ class OCJSController extends Controller {
/**
* @NoCSRFRequired
+ * @NoTwoFactorRequired
* @PublicPage
*
* @return DataDisplayResponse
diff --git a/core/Middleware/TwoFactorMiddleware.php b/core/Middleware/TwoFactorMiddleware.php
index fbdb106b7bb..4c13a99a1aa 100644
--- a/core/Middleware/TwoFactorMiddleware.php
+++ b/core/Middleware/TwoFactorMiddleware.php
@@ -83,6 +83,12 @@ class TwoFactorMiddleware extends Middleware {
* @param string $methodName
*/
public function beforeController($controller, $methodName) {
+ if ($this->reflector->hasAnnotation('NoTwoFactorRequired')) {
+ // Route handler explicitly marked to work without finished 2FA are
+ // not blocked
+ return;
+ }
+
if ($controller instanceof APIController && $methodName === 'poll') {
// Allow polling the twofactor nextcloud notifications state
return;
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-01 17:26:44 +0300