Merge pull request #29762 from nextcloud/revert/bcfd4ed5910d29423bfa86214a3b595fe8e92c9c

[stable22] Revert "Explicitly allow some routes without 2FA"
2026-06-10 17:23:59 -04:00 · 2021-11-18 13:29:42 +01:00 · 2021-11-18 13:29:42 +01:00 · 7efa3552e6
commit 7efa3552e6
parent bcfd4ed591 ab629da2d4
2 changed files with 0 additions and 7 deletions
--- a/core/Controller/OCJSController.php
+++ b/core/Controller/OCJSController.php
@ -98,7 +98,6 @@ class OCJSController extends Controller {

 	/**
 	 * @NoCSRFRequired
-	 * @NoTwoFactorRequired
 	 * @PublicPage
 	 *
 	 * @return DataDisplayResponse
--- a/core/Middleware/TwoFactorMiddleware.php
+++ b/core/Middleware/TwoFactorMiddleware.php
@ -83,12 +83,6 @@ class TwoFactorMiddleware extends Middleware {
 	 * @param string $methodName
 	 */
 	public function beforeController($controller, $methodName) {
-		if ($this->reflector->hasAnnotation('NoTwoFactorRequired')) {
-			// Route handler explicitly marked to work without finished 2FA are
-			// not blocked
-			return;
-		}
-
 		if ($controller instanceof APIController && $methodName === 'poll') {
 			// Allow polling the twofactor nextcloud notifications state
 			return;