From 2573936000738e8d72c5c4fc51fd4d8e882cd0b2 Mon Sep 17 00:00:00 2001
From: Derrick Hammer <derrick@derrickhammer.com>
Date: Mon, 26 Feb 2024 08:26:59 -0500
Subject: [PATCH] refactor: add bypassSecurity to doLogin

---
 account/account.go | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/account/account.go b/account/account.go
index 15c9d49..ec9d87c 100644
--- a/account/account.go
+++ b/account/account.go
@@ -201,7 +201,7 @@ func (s AccountServiceDefault) LoginPassword(email string, password string, ip s
 		return "", nil, nil
 	}
 
-	token, err := s.doLogin(user, ip)
+	token, err := s.doLogin(user, ip, false)
 
 	if err != nil {
 		return "", nil, err
@@ -297,7 +297,7 @@ func (s AccountServiceDefault) LoginPubkey(pubkey string) (string, error) {
 
 	user := model.User
 
-	token, err := s.doLogin(&user, "")
+	token, err := s.doLogin(&user, "", true)
 
 	if err != nil {
 		return "", err
@@ -463,10 +463,10 @@ func GenerateSecurityToken() string {
 	return string(b)
 }
 
-func (s AccountServiceDefault) doLogin(user *models.User, ip string) (string, error) {
+func (s AccountServiceDefault) doLogin(user *models.User, ip string, bypassSecurity bool) (string, error) {
 	purpose := JWTPurposeLogin
 
-	if user.OTPEnabled {
+	if user.OTPEnabled && !bypassSecurity {
 		purpose = JWTPurpose2FA
 	}