barbercollie/tinyauth
1
0
Fork 1
mirror of https://github.com/steveiliop56/tinyauth.git synced 2026-05-08 05:18:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: delete totp pending session cookie on totp success

Browse Source
This commit is contained in:
Stavros
2026-05-06 16:14:12 +03:00
parent 04b2290d73
commit 0d9865793c
2 changed files with 24 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/controller/user_controller.go
+22
View File
@@ -329,6 +329,28 @@ func (controller *UserController) totpHandler(c *gin.Context) {
tlog.App.Info().Str("username", context.GetUsername()).Msg("TOTP verification successful")
tlog.AuditLoginSuccess(c, context.GetUsername(), "totp")
uuid, err := c.Cookie(controller.config.SessionCookieName)
if err != nil {
tlog.App.Error().Err(err).Msg("Failed to retrieve session cookie in TOTP handler")
c.JSON(500, gin.H{
"status": 500,
"message": "Internal Server Error",
})
return
}
_, err = controller.auth.DeleteSession(c, uuid)
if err != nil {
tlog.App.Error().Err(err).Msg("Failed to delete pending TOTP session")
c.JSON(500, gin.H{
"status": 500,
"message": "Internal Server Error",
})
return
}
controller.auth.RecordLoginAttempt(context.GetUsername(), true)
sessionCookie := repository.Session{