diff --git a/application/Espo/Core/Authentication/Authentication.php b/application/Espo/Core/Authentication/Authentication.php index 894114a03f..ecb8515660 100644 --- a/application/Espo/Core/Authentication/Authentication.php +++ b/application/Espo/Core/Authentication/Authentication.php @@ -232,6 +232,7 @@ class Authentication $this->applicationUser->setUser($loggedUser); if ( + !$result->bypassSecondStep() && !$result->isSecondStepRequired() && !$authToken && $this->configDataProvider->isTwoFactorEnabled() diff --git a/application/Espo/Core/Authentication/Oidc/Login.php b/application/Espo/Core/Authentication/Oidc/Login.php index 74e7eb8de5..fdf2e9c1c8 100644 --- a/application/Espo/Core/Authentication/Oidc/Login.php +++ b/application/Espo/Core/Authentication/Oidc/Login.php @@ -152,7 +152,7 @@ class Login implements LoginInterface return Result::fail(FailReason::USER_NOT_FOUND); } - return Result::success($user); + return Result::success($user)->withBypassSecondStep(); } private function loginFallback(Data $data, Request $request): Result diff --git a/application/Espo/Core/Authentication/Result.php b/application/Espo/Core/Authentication/Result.php index 54d2a1a618..f0be4702b7 100644 --- a/application/Espo/Core/Authentication/Result.php +++ b/application/Espo/Core/Authentication/Result.php @@ -51,6 +51,7 @@ class Result private ?string $token = null; private ?string $view = null; private ?string $failReason = null; + private bool $bypassSecondStep = false; private ?Data $data; private function __construct(string $status, ?User $user = null, ?Data $data = null) @@ -105,13 +106,23 @@ class Result } /** - * Second step is required. E.g. for 2FA. + * The second step is required. */ public function isSecondStepRequired(): bool { return $this->status === self::STATUS_SECOND_STEP_REQUIRED; } + /** + * To bypass the second step. + * + * @since 8.4.0 + */ + public function bypassSecondStep(): bool + { + return $this->bypassSecondStep; + } + /** * Login is failed. */ @@ -183,4 +194,15 @@ class Result { return $this->failReason; } + + /** + * Clone with bypass the second step. + */ + public function withBypassSecondStep(bool $bypassSecondStep = true): self + { + $obj = clone $this; + $obj->bypassSecondStep = $bypassSecondStep; + + return $obj; + } }