From 9efdf085f35a66232feeb1fd93e1a964ed2d70ce Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?William=20Bouzour=C3=A8ne?= <william@bouzourene.ch>
Date: Thu, 2 Jan 2025 14:39:40 +0100
Subject: [PATCH] Fix login & mfa flow redirect

---
 controllers/login.go | 6 +++---
 controllers/mfa.go   | 9 +++------
 2 files changed, 6 insertions(+), 9 deletions(-)

diff --git a/controllers/login.go b/controllers/login.go
index 0eb9761..b7e438b 100644
--- a/controllers/login.go
+++ b/controllers/login.go
@@ -45,9 +45,6 @@ func LoginForm(c *fiber.Ctx) error {
 		}
 
 		if helpers.CheckPasswordHash(password, user.Password) {
-			sess.Set("userid", user.ID)
-			sess.Save()
-
 			redirectId := c.Query("redirect")
 			redirectUrl := "/"
 
@@ -60,6 +57,9 @@ func LoginForm(c *fiber.Ctx) error {
 				}
 			}
 
+			sess.Set("userid", user.ID)
+			sess.Save()
+
 			return c.Redirect(redirectUrl)
 		} else {
 			loginError = "Email ou mot de passe incorrect"
diff --git a/controllers/mfa.go b/controllers/mfa.go
index e366910..a5c0124 100644
--- a/controllers/mfa.go
+++ b/controllers/mfa.go
@@ -163,12 +163,6 @@ func TotpVerifyPage(c *fiber.Ctx) error {
 	if c.Method() == "POST" {
 		otp := c.FormValue("otp")
 		if totp.Validate(otp, user.TotpSercet.String) {
-			sess.Set("totp-verified", "yes")
-			err = sess.Save()
-			if err != nil {
-				return err
-			}
-
 			redirectId := c.Query("redirect")
 			redirectUrl := "/"
 
@@ -181,6 +175,9 @@ func TotpVerifyPage(c *fiber.Ctx) error {
 				}
 			}
 
+			sess.Set("totp-verified", "yes")
+			sess.Save()
+
 			return c.Redirect(redirectUrl)
 		} else {
 			mfaError = "Code temporaire invalide"