From 421ff7f194875db9634ea783d9dd5b6111f19df3 Mon Sep 17 00:00:00 2001
From: Byron Jones <glob@mozilla.com>
Date: Tue, 1 Sep 2015 13:01:20 +0800
Subject: Bug 1197073 - add support for 2fa using totp (eg. google
 authenticator)

---
 Bugzilla/Auth/Verify/DB.pm | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'Bugzilla/Auth/Verify')

diff --git a/Bugzilla/Auth/Verify/DB.pm b/Bugzilla/Auth/Verify/DB.pm
index aaa1b6c87..ea86346e1 100644
--- a/Bugzilla/Auth/Verify/DB.pm
+++ b/Bugzilla/Auth/Verify/DB.pm
@@ -53,6 +53,7 @@ sub check_credentials {
     }
 
     my $password = $login_data->{password};
+    return { failure => AUTH_NODATA } unless defined $login_data->{password};
     my $real_password_crypted = $user->cryptpassword;
 
     # Using the internal crypted password as the salt,
@@ -105,6 +106,16 @@ sub check_credentials {
         $user->update();
     }
 
+    if (i_am_webservice() && $user->settings->{api_key_only}->{value} eq 'on') {
+        # api-key verification happens in Auth/Login/APIKey
+        # token verification happens in Auth/Login/Cookie
+        # if we get here from an api call then we must be using user/pass
+        return {
+            failure    => AUTH_ERROR,
+            user_error => 'invalid_auth_method',
+        };
+    }
+
     return $login_data;
 }
 
-- 
cgit v1.2.3-24-g4f1b