diff --git a/plugins/auth_internal/init.php b/plugins/auth_internal/init.php index 9ff3ea24f..3420354b8 100644 --- a/plugins/auth_internal/init.php +++ b/plugins/auth_internal/init.php @@ -15,9 +15,6 @@ class Auth_Internal extends Auth_Base implements IAuthModule2 { /** @param string $service */ function authenticate($login, $password, $service = '') { - if (Config::get(Config::DISABLE_LOGIN_FORM)) - return false; - $otp = (int) ($_REQUEST["otp"] ?? 0); // don't bother with null/null logins for auth_external etc @@ -32,6 +29,9 @@ class Auth_Internal extends Auth_Base implements IAuthModule2 { return $this->check_app_password($login, $password, $service); } + if (Config::get(Config::DISABLE_LOGIN_FORM)) + return false; + if ($otp) { if ($this->check_password($user_id, $password) && UserHelper::check_otp($user_id, $otp)) return $user_id; @@ -117,6 +117,9 @@ class Auth_Internal extends Auth_Base implements IAuthModule2 { return $user_id; } + if (Config::get(Config::DISABLE_LOGIN_FORM)) + return false; + if ($login) { $user = ORM::for_table('ttrss_users') ->where_raw('LOWER(login) = LOWER(?)', [$login])