diff --git a/src/data/force_2fa_auth.rs b/src/data/force_2fa_auth.rs
index c419d55..0d27770 100644
--- a/src/data/force_2fa_auth.rs
+++ b/src/data/force_2fa_auth.rs
@@ -1,4 +1,6 @@
 use crate::data::current_user::CurrentUser;
+use crate::data::session_identity::SessionIdentity;
+use actix_identity::Identity;
 use actix_web::dev::Payload;
 use actix_web::{web, Error, FromRequest, HttpRequest};
 use std::future::Future;
@@ -18,14 +20,19 @@ impl FromRequest for Force2FAAuth {
 type Error = Error;
 type Future = Pin>>>;
- fn from_request(req: &HttpRequest, payload: &mut Payload) -> Self::Future {
+ fn from_request(req: &HttpRequest, _: &mut Payload) -> Self::Future {
 let req = req.clone();
- let query = web::Query::::from_request(&req, payload)
- .into_inner()
- .unwrap();
-
 Box::pin(async move {
+ // It is impossible to force authentication for an unauthenticated user
+ let identity: Option<&Identity> = req.conn_data();
+ if !SessionIdentity(identity).is_authenticated() {
+ return Ok(Self { force: false });
+ }
+
+ let query = web::Query::::from_request(&req, &mut Payload::None)
+ .into_inner()?;
+
 let user = CurrentUser::from_request(&req, &mut Payload::None).await?;
 Ok(Self {
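Review bot: `req.conn_data()` in the new early return looks like the wrong place to read the identity from: in actix-web that accessor returns connection-level data registered through `HttpServer::on_connect`, and nothing visible in this hunk stores an `Identity` there. If it is never stored, `identity` is always `None`, every request takes the `force: false` branch, and the forced second factor would be silently skipped for authenticated sessions as well, which makes the 2FA check fail open. Consider resolving the identity through its extractor, as the other values in this function are, with `let identity = Identity::from_request(&req, &mut Payload::None).into_inner().ok();` followed by `if !SessionIdentity(identity.as_ref()).is_authenticated() {`, and cover the authenticated path with a test that expects `force` to be set. The body of `from_request` continues past the end of the hunk, so how `query` and `user` are combined is not visible here.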