From e8038a5416b55a022be3bb78f19b0f712a0c94ce Mon Sep 17 00:00:00 2001
From: Logan Fick <logaldeveloper@protonmail.com>
Date: Thu, 7 Jun 2018 21:51:54 -0400
Subject: Fixed 2FA enforcement on login screen.

---
 app/controllers/sessions_controller.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index 2681320..cb8dcef 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -21,7 +21,7 @@ class SessionsController < ApplicationController
           flash[:alert] = "Your account has been disabled!"
         elsif user.banned?
           flash[:alert] = "You are banned!"
-        elsif user.totp_enabled && !TOTP.valid?(user.totp_code, params[:totp_code])
+        elsif user.totp_enabled && !TOTP.valid?(user.totp_secret, params[:totp_code].to_i)
           flash[:alert] = "You're doing it wrong!"
           render action: 'new'
           return
-- 
cgit v1.2.3