Merge branch 'dev' into feat/internal-user-passkey-support

2026-03-09 12:16:36 +00:00 · 2025-07-14 07:20:33 +08:00
parent f97b133c8c 590296e64d
commit c9f5ffae42
24 changed files with 2522 additions and 367 deletions
--- a/server/routers/auth/login.ts
+++ b/server/routers/auth/login.ts
@@ -36,6 +36,7 @@ export type LoginResponse = {
    codeRequested?: boolean;
    emailVerificationRequired?: boolean;
    useSecurityKey?: boolean;
+    twoFactorSetupRequired?: boolean;
 };

 export const dynamic = "force-dynamic";
@@ -127,6 +128,17 @@ export async function login(
        }

        if (existingUser.twoFactorEnabled) {
+            // If 2FA is enabled but no secret exists, force setup
+            if (!existingUser.twoFactorSecret) {
+                return response<LoginResponse>(res, {
+                    data: { twoFactorSetupRequired: true },
+                    success: true,
+                    error: false,
+                    message: "Two-factor authentication setup required",
+                    status: HttpCode.ACCEPTED
+                });
+            }
+
            if (!code) {
                return response<{ codeRequested: boolean }>(res, {
                    data: { codeRequested: true },
@@ -139,7 +151,7 @@ export async function login(

            const validOTP = await verifyTotpCode(
                code,
-                existingUser.twoFactorSecret!,
+                existingUser.twoFactorSecret,
                existingUser.userId
            );