From 7616d9f7c92a1c08f3fb97a13e0968ca29518ae7 Mon Sep 17 00:00:00 2001
From: Derrick Hammer <derrick@derrickhammer.com>
Date: Wed, 20 Mar 2024 14:11:21 -0400
Subject: [PATCH] refactor: set ExpiredAllowed on loginAuthMw2fa

---
 api/account/account.go | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/api/account/account.go b/api/account/account.go
index c701591..6199b71 100644
--- a/api/account/account.go
+++ b/api/account/account.go
@@ -352,11 +352,12 @@ func (a AccountAPI) updatePassword(c jape.Context) {
 
 func (a *AccountAPI) Routes() (*httprouter.Router, error) {
 	loginAuthMw2fa := authMiddleware(middleware.AuthMiddlewareOptions{
-		Identity:     a.identity,
-		Accounts:     a.accounts,
-		Config:       a.config,
-		Purpose:      account.JWTPurpose2FA,
-		EmptyAllowed: true,
+		Identity:       a.identity,
+		Accounts:       a.accounts,
+		Config:         a.config,
+		Purpose:        account.JWTPurpose2FA,
+		EmptyAllowed:   true,
+		ExpiredAllowed: true,
 	})
 
 	authMw := authMiddleware(middleware.AuthMiddlewareOptions{