return an error in case of required MFA so that external handlers can react if necessary

2024-11-21 11:12:25 +02:00
parent 8ab02ce402
commit 7ee6b11e9d
3 changed files with 16 additions and 10 deletions
--- a/apis/record_auth_with_otp.go
+++ b/apis/record_auth_with_otp.go
@@ -79,17 +79,17 @@ func recordAuthWithOTP(e *core.RequestEvent) error {
 			}
 		}

-		err = RecordAuthResponse(e.RequestEvent, e.Record, core.MFAMethodOTP, nil)
-		if err != nil {
-			return err
-		}
-
 		// try to delete the used otp
 		err = e.App.Delete(e.OTP)
 		if err != nil {
 			e.App.Logger().Error("Failed to delete used OTP", "error", err, "otpId", e.OTP.Id)
 		}

+		err = RecordAuthResponse(e.RequestEvent, e.Record, core.MFAMethodOTP, nil)
+		if err != nil {
+			return err
+		}
+
 		return nil
 	})
 }