Do not display login form after 2FA token timeout (#2791)

lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Engines/Default.pm

@@ -433,6 +433,7 @@ sub _choice {
     my $session;
     unless ( $session = $self->ott->getToken($token) ) {
         $self->userLogger->info('Token expired');
+        $req->noLoginDisplay(1);
         return $self->p->do( $req, [ sub { PE_TOKENEXPIRED } ] );
     }
 

lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/SecondFactor.pm

@@ -101,7 +101,7 @@ sub _verify {
     my $session;
     unless ( $session = $self->ott->getToken($token) ) {
         $self->userLogger->info('Token expired');
-        $self->setSecurity($req);
+        $req->noLoginDisplay(1);
         return $self->p->do( $req, [ sub { PE_TOKENEXPIRED } ] );
     }