From 79daa920e1759f8756e71ae3d5a905254154a908 Mon Sep 17 00:00:00 2001
From: syeopite <syeopite@syeopite.dev>
Date: Thu, 15 Jul 2021 02:32:53 -0700
Subject: [PATCH] Add 2fa to token auth endpoint

---
 src/invidious.cr | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/invidious.cr b/src/invidious.cr
index 10ae25e9..d3e8c9f8 100644
--- a/src/invidious.cr
+++ b/src/invidious.cr
@@ -1036,6 +1036,11 @@ get "/authorize_token" do |env|
 
   user = user.as(User)
   sid = sid.as(String)
+
+  if user.totp_secret && env.request.cookies["2faVerified"]?.try &.value != "1" || nil
+    next call_totp_validator(env, user, sid, locale)
+  end
+
   csrf_token = generate_response(sid, {":authorize_token"}, HMAC_KEY, PG_DB)
 
   scopes = env.params.query["scopes"]?.try &.split(",")