summary refs log tree commit diff
path: root/src/api/routes/auth/mfa/totp.ts
diff options
context:
space:
mode:
Diffstat (limited to 'src/api/routes/auth/mfa/totp.ts')
-rw-r--r--src/api/routes/auth/mfa/totp.ts6
1 files changed, 3 insertions, 3 deletions
diff --git a/src/api/routes/auth/mfa/totp.ts b/src/api/routes/auth/mfa/totp.ts

index 42485535..65cdd397 100644
--- a/src/api/routes/auth/mfa/totp.ts
+++ b/src/api/routes/auth/mfa/totp.ts
@@ -27,8 +27,8 @@ router.post(
 	"/",
 	route({ body: "TotpSchema" }),
 	async (req: Request, res: Response) => {
-		const { code, ticket, gift_code_sku_id, login_source } =
-			req.body as TotpSchema;
+		// const { code, ticket, gift_code_sku_id, login_source } =
+		const { code, ticket } = req.body as TotpSchema;
 
 		const user = await User.findOneOrFail({
 			where: {
@@ -47,7 +47,7 @@ router.post(
 		});
 
 		if (!backup) {
-			const ret = verifyToken(user.totp_secret!, code);
+			const ret = verifyToken(user.totp_secret || "", code);
 			if (!ret || ret.delta != 0)
 				throw new HTTPError(
 					req.t("auth:login.INVALID_TOTP_CODE"),
generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-08-13 10:12:22 +0000