From 33b43f24295e4be22826e37513a5b7647e6d3553 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Philipp=20Sch=C3=BCle?= <p.schuele@metaways.de>
Date: Tue, 18 Jul 2017 18:28:07 +0200
Subject: [PATCH] only look for valid second factor in session if we have a
 session
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

Change-Id: I6ea2f49149696a22e5bb80442b62fade13b3ec2b
Reviewed-on: http://gerrit.tine20.com/customers/5245
Tested-by: Jenkins CI (http://ci.tine20.com/)
Reviewed-by: Philipp Schüle <p.schuele@metaways.de>
---
 tine20/Tinebase/Auth/SecondFactor/Abstract.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/tine20/Tinebase/Auth/SecondFactor/Abstract.php b/tine20/Tinebase/Auth/SecondFactor/Abstract.php
index 7fdb67e..8868f11 100644
--- a/tine20/Tinebase/Auth/SecondFactor/Abstract.php
+++ b/tine20/Tinebase/Auth/SecondFactor/Abstract.php
@@ -44,6 +44,11 @@ abstract class Tinebase_Auth_SecondFactor_Abstract
      */
     public static function hasValidSecondFactor()
     {
+        if (! Tinebase_Session::isStarted()) {
+            if (Tinebase_Core::isLogLevel(Zend_Log::INFO)) Tinebase_Core::getLogger()->info(__METHOD__ . '::' . __LINE__
+                . ' No session started to check second factor in session');
+            return true;
+        }
         $currentValidUntil = Tinebase_Session::getSessionNamespace()->secondFactorValidUntil;
         if ($currentValidUntil) {
             $validUntil = new Tinebase_DateTime($currentValidUntil);
-- 
2.7.4