therealssj
commented
8 years ago Aah shit. I changed this part in the last pull only and forgot to check whether plugin is enabled. Will fix this soon.
Closed paraacha closed 8 years ago
therealssj
commented
8 years ago Aah shit. I changed this part in the last pull only and forgot to check whether plugin is enabled. Will fix this soon.
nerdstein
commented
8 years ago +1
The TfaRouteSubscriber overrides user.login route with a custom login form. But this replacement should only occur if the Two-Factor Authentication has been enabled from TFA Settings.
An alternative approach would be to firstly check whether the TFA module has been enabled or not in the TfaLoginForm and then proceed accordingly.
In any case, currently there is no code present in the module to handle that scenario. Because I've manually tested this and found out that a user is unable to login to a website with TFA module installed but not enabled.