diff --git a/ihtml/themes/breezy/secondfactor.tpl b/ihtml/themes/breezy/secondfactor.tpl index 8dac1d49fa3c3696d1a3706463a4cc136acc9ecf..2c3111914a7401899d3ee848ebf6564abb0c893c 100644 --- a/ihtml/themes/breezy/secondfactor.tpl +++ b/ihtml/themes/breezy/secondfactor.tpl @@ -7,7 +7,7 @@ <div id="window-container"> <div id="window-div"> -<form action="index.php" method="post" id="loginform" name="loginform"> +<form action="" method="post" id="loginform" name="loginform"> {$msg_dialogs} <div id="window-titlebar"> @@ -31,7 +31,7 @@ <div> </div> </div> - + <input type="hidden" name="CSRFtoken" value="{$CSRFtoken}"/> </form> </div> diff --git a/include/login/class_LoginPost.inc b/include/login/class_LoginPost.inc index c68f5ddbbcaea41ee99ec0b242824893a244f292..1359a42452779734799b566f4a5f115a04229c7e 100644 --- a/include/login/class_LoginPost.inc +++ b/include/login/class_LoginPost.inc @@ -24,7 +24,7 @@ class LoginPost extends LoginMethod { /*! \brief List of second factor methods, may be dynamic later */ - static $secondFactorMethods = ['SecondFactorWebAuthn']; + static $secondFactorMethods = ['SecondFactorWebAuthn','SecondFactorTotp']; /*! \brief Displayed name */ static function getLabel () @@ -67,13 +67,15 @@ class LoginPost extends LoginMethod ]); /* If needed redirect to second factor page */ + $secondFactor = FALSE; foreach (static::$secondFactorMethods as $secondFactorMethod) { if (!class_available($secondFactorMethod)) { continue; } - if ($secondFactorMethod::hasSecondFactor()) { - static::redirectSecondFactorPage(); - } + $secondFactor = ($secondFactorMethod::hasSecondFactor() || $secondFactor); + } + if ($secondFactor) { + static::redirectSecondFactorPage(); } if ($success) { 
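Review bot: The new `action=""` on the `loginform` element is not valid HTML, because an `action` attribute that is present must hold a non-empty URL. Browsers fall back to posting to the current document URL, query string included. If posting back to the current page is the intent, omit the attribute (`<form method="post" id="loginform" name="loginform">`), which behaves the same and validates. Since the query string is now re-sent with the POST, check that the handler does not take security-relevant values from GET parameters on this request. The rest of the form lies outside this hunk.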
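Review bot: `{$CSRFtoken}` is written into a `value="…"` attribute without an explicit escape, so the field is only safe if Smarty default escaping is enabled for this theme or the token can never contain a quote character. Using `value="{$CSRFtoken|escape:'html'}"` removes that dependency. The visible hunks show the token being assigned (the `$smarty->assign('CSRFtoken', …)` line in the `@@ -208` hunk of class_LoginPost.inc) but not where the posted value is checked, so confirm that the second-factor POST is rejected when the token is missing or wrong. Only the breezy theme's secondfactor.tpl is patched here; any other theme that ships its own copy would presumably need the same hidden field.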
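Review bot: Whether the code under `if ($success) {` can still run for an account that has a second factor depends on `static::redirectSecondFactorPage()` ending the request, which this hunk does not show. If it does end the request, say so at the call with a comment such as `/* redirectSecondFactorPage() does not return; the login below is only reached without a second factor */`; if it can return, the method should stop explicitly after the call. The operand order in `$secondFactorMethod::hasSecondFactor() || $secondFactor` makes every available method run even after one has answered TRUE; if that is intended, a one-line comment would stop a later cleanup from turning it into a short-circuit. A method whose class fails `class_available()` is skipped silently, so a missing plugin leads to no second-factor prompt rather than a refused login, which is worth stating in the comment above the loop. The enclosing method starts and ends outside the hunk.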
@@ -208,6 +210,7 @@ class LoginPost extends LoginMethod $smarty->assign('date', date('l, dS F Y H:i:s O')); $smarty->assign('lang', preg_replace('/_.*$/', '', $lang)); $smarty->assign('rtl', Language::isRTL($lang)); + $smarty->assign('CSRFtoken', CSRFProtection::getToken()); $methodOutputs = [];