2FA is needed to login even when using login-with-device. If the user didn't saved the 2FA token they still need to provide this. We deleted the auth-request after validation the request, but before 2FA was triggered.
Removing the deletion of this record from that point as it will get cleaned-up automatically anyways.
2FA is needed to login even when using login-with-device. If the user didn't saved the 2FA token they still need to provide this. We deleted the auth-request after validation the request, but before 2FA was triggered.
Removing the deletion of this record from that point as it will get cleaned-up automatically anyways.