chore: update version to 1.1.0 and improve two-factor provider validation

2026-06-20 21:00:41 +00:00 · 2026-02-20 18:39:18 +08:00
parent aaf5078c8a
commit b6f2882cdf
4 changed files with 6 additions and 5 deletions
@@ -113,7 +113,8 @@ export async function handleToken(request: Request, env: Env): Promise<Response>
    // Optional 2FA: enabled only when TOTP_SECRET is configured in Workers env.
    let trustedTwoFactorTokenToReturn: string | undefined;
    if (isTotpEnabled(env.TOTP_SECRET)) {
-      if (twoFactorProvider !== undefined && String(twoFactorProvider) !== '0') {
+      const normalizedTwoFactorProvider = String(twoFactorProvider ?? '').trim();
+      if (normalizedTwoFactorProvider !== '' && normalizedTwoFactorProvider !== '0') {
        return identityErrorResponse('Unsupported two-factor provider', 'invalid_grant', 400);
      }