only look for valid second factor in session if we have a session
[tine20] / tine20 / Tinebase / Auth / SecondFactor / Abstract.php
index 7fdb67e..8868f11 100644 (file)
@@ -44,6 +44,11 @@ abstract class Tinebase_Auth_SecondFactor_Abstract
      */
     public static function hasValidSecondFactor()
     {
+        if (! Tinebase_Session::isStarted()) {
+            if (Tinebase_Core::isLogLevel(Zend_Log::INFO)) Tinebase_Core::getLogger()->info(__METHOD__ . '::' . __LINE__
+                . ' No session started to check second factor in session');
+            return true;
+        }
         $currentValidUntil = Tinebase_Session::getSessionNamespace()->secondFactorValidUntil;
         if ($currentValidUntil) {
             $validUntil = new Tinebase_DateTime($currentValidUntil);