Automatically display first factor input form if there is only one

src/controllers/login_controller.rs

@@ -233,6 +233,8 @@ pub async fn reset_password_route(id: Identity, query: web::Query<PasswordResetQ
 pub struct ChooseSecondFactorQuery {
     #[serde(default)]
     redirect: LoginRedirect,
+    #[serde(default = "bool::default")]
+    force_display: bool,
 }
 
 /// Let the user select the factor to use to authenticate
@@ -245,6 +247,11 @@ pub async fn choose_2fa_method(id: Identity, query: web::Query<ChooseSecondFacto
     let user: User = users.send(users_actor::GetUserRequest(SessionIdentity(&id).user_id()))
         .await.unwrap().0.expect("Could not find user!");
 
+    // Automatically choose factor if there is only one factor
+    if user.two_factor.len() == 1 && !query.force_display {
+        return redirect_user(&user.two_factor[0].login_url(&query.redirect));
+    }
+
     HttpResponse::Ok().content_type("text/html").body(
         ChooseSecondFactorTemplate {
             _p: BaseLoginPage {

templates/login/opt_input.html

@@ -6,12 +6,13 @@
   padding-left: 0px;
   padding-right: 0px;
 }
+
 </style>
 
 <div>
     <p>Please go to your authenticator app <i>{{ factor.name }}</i>, generate a new code and enter it here:</p>
     <form id="totp_form" method="post" action="{{ factor.login_url(_p.redirect_uri) }}">
-        <input type="hidden" id="code" name="code" />
+        <input type="hidden" id="code" name="code"/>
         <div class="form-group">
             <div id="otp" class="inputs d-flex flex-row justify-content-center mt-2">
                 <input class="m-2 text-center form-control rounded" type="text" id="i1" maxlength="1" autofocus/>
@@ -27,7 +28,7 @@
 
 
 <div style="margin-top: 10px;">
-    <a href="/2fa_auth?redirect={{ _p.redirect_uri.get_encoded() }}">Sign in using another factor</a><br/>
+    <a href="/2fa_auth?force_display=true&redirect={{ _p.redirect_uri.get_encoded() }}">Sign in using another factor</a><br/>
     <a href="/logout">Sign out</a>
 </div>