Remove totp options from code (#2541)

2021-06-14 15:52:50 +02:00 · 2021-06-14 15:52:50 +02:00 · 7b0990addd
commit 7b0990addd
parent 85e34afa64
1 changed files with 3 additions and 15 deletions
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/TOTP.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/TOTP.pm
@ -214,26 +214,14 @@ sub run {
        $self->logger->debug("Reading TOTP secret if exists...");
        $secret = $_->{_secret} foreach (@totp2f);

-        if ( ( $req->param('newkey') and $self->conf->{totp2fUserCanChangeKey} )
-            or not $secret )
-        {
+        if ($secret) {
+            return $self->p->sendError( $req, 'totpExistingKey', 200 );
+        } else {
            $secret = $self->newSecret;
            $self->logger->debug("Generating new secret = $secret");
            $nk = 1;
        }

-        elsif ( $req->param('newkey') ) {
-            return $self->p->sendError( $req, 'notAuthorized', 200 );
-        }
-
-        elsif ( $self->conf->{totp2fDisplayExistingSecret} ) {
-            $self->logger->debug("User secret = $secret");
-        }
-
-        else {
-            return $self->p->sendError( $req, 'totpExistingKey', 200 );
-        }
-
        # Secret is stored in a token: we choose to not accept secret returned
        # by Ajax request to avoid some attacks
        my $token = $self->ott->createToken( {