diff --git a/src/controllers/openid_controller.rs b/src/controllers/openid_controller.rs
index a22ed00..1ea6fc2 100644
--- a/src/controllers/openid_controller.rs
+++ b/src/controllers/openid_controller.rs
@@ -308,21 +308,20 @@ pub async fn token(req: HttpRequest,
 }
 // Check code challenge, if needed
- if !client.disable_code_verifier.unwrap_or(false) {
- if let Some(chall) = &session.code_challenge {
- let code_verifier = match &q.code_verifier {
- None => {
- return Ok(error_response(&query, "access_denied", "Code verifier missing"));
- }
- Some(s) => s
- };
-
- if !chall.verify_code(code_verifier) {
- return Ok(error_response(&query, "invalid_grant", "Invalid code verifier"));
+ if let Some(chall) = &session.code_challenge {
+ let code_verifier = match &q.code_verifier {
+ None => {
+ return Ok(error_response(&query, "access_denied", "Code verifier missing"));
 }
+ Some(s) => s
+ };
+
+ if !chall.verify_code(code_verifier) {
+ return Ok(error_response(&query, "invalid_grant", "Invalid code verifier"));
 }
 }
+
 if session.access_token.is_some() {
 return Ok(error_response(&query, "invalid_request", "Authorization code already used!"));
 }
diff --git a/src/data/client.rs b/src/data/client.rs
index 08948bf..d5a1299 100644
--- a/src/data/client.rs
+++ b/src/data/client.rs
@@ -11,7 +11,6 @@ pub struct Client {
 pub description: String,
 pub secret: String,
 pub redirect_uri: String,
- pub disable_code_verifier: Option,
 }
 impl PartialEq for Client {
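Review bot: With the per-client opt-out gone, the verifier check in the new `if let Some(chall) = &session.code_challenge` block still runs only when the session stored a challenge, so an authorization code issued without one is redeemed with no PKCE at all, and a `code_verifier` presented for such a session is silently ignored; if the intent of removing the opt-out is to make PKCE mandatory (it reads that way), the missing challenge should be rejected at the authorization request or here, and the mismatched case deserves a guard such as `if session.code_challenge.is_none() && q.code_verifier.is_some() { return Ok(error_response(&query, "invalid_grant", "Code verifier sent without a code challenge")); }`. The `access_denied` code returned for a missing verifier is not one of the token-endpoint error codes in RFC 6749 §5.2; `invalid_request` (missing parameter) or `invalid_grant` is the fitting value. The surviving comment `// Check code challenge, if needed` now describes the removed opt-out rather than the code below it and could read `// PKCE: a code challenge stored with the session must be matched by the code_verifier`. `token` begins before and continues after this hunk, so the authorization-request side of the check is not visible here.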