diff options
| author | Andrew Dolgov <fox@fakecake.org> | 2025-03-14 11:57:48 +0300 |
|---|---|---|
| committer | Andrew Dolgov <fox@fakecake.org> | 2025-03-14 11:57:48 +0300 |
| commit | 1dc0c98c51fc2efb95450f95a1e16d2e2d04ed9f (patch) | |
| tree | 9bee8459e43148292d6e04f28b7d79b079e9a68f | |
| parent | 405cae963b81347baa5325181be9ffb6c88ae4b0 (diff) | |
allow app passwords via auth_internal even if DISABLE_LOGIN_FORM is set
| -rw-r--r-- | plugins/auth_internal/init.php | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/plugins/auth_internal/init.php b/plugins/auth_internal/init.php index 9ff3ea24f..3420354b8 100644 --- a/plugins/auth_internal/init.php +++ b/plugins/auth_internal/init.php @@ -15,9 +15,6 @@ class Auth_Internal extends Auth_Base implements IAuthModule2 { /** @param string $service */ function authenticate($login, $password, $service = '') { - if (Config::get(Config::DISABLE_LOGIN_FORM)) - return false; - $otp = (int) ($_REQUEST["otp"] ?? 0); // don't bother with null/null logins for auth_external etc @@ -32,6 +29,9 @@ class Auth_Internal extends Auth_Base implements IAuthModule2 { return $this->check_app_password($login, $password, $service); } + if (Config::get(Config::DISABLE_LOGIN_FORM)) + return false; + if ($otp) { if ($this->check_password($user_id, $password) && UserHelper::check_otp($user_id, $otp)) return $user_id; @@ -117,6 +117,9 @@ class Auth_Internal extends Auth_Base implements IAuthModule2 { return $user_id; } + if (Config::get(Config::DISABLE_LOGIN_FORM)) + return false; + if ($login) { $user = ORM::for_table('ttrss_users') ->where_raw('LOWER(login) = LOWER(?)', [$login]) |