collect local time will check drift later

1 files changed, 7 insertions, 2 deletions

diff --git a/plugins/VNLib.Plugins.Essentials.Accounts/src/Endpoints/LoginEndpoint.cs b/plugins/VNLib.Plugins.Essentials.Accounts/src/Endpoints/LoginEndpoint.cs
index 2475f36..ee16a93 100644
--- a/plugins/VNLib.Plugins.Essentials.Accounts/src/Endpoints/LoginEndpoint.cs
+++ b/plugins/VNLib.Plugins.Essentials.Accounts/src/Endpoints/LoginEndpoint.cs
@@ -334,7 +334,12 @@ namespace VNLib.Plugins.Essentials.Accounts.Endpoints
         private void LoginMfa(HttpEntity entity, IUser user, JsonDocument request, MFAUpgrade upgrade, MfaUpgradeWebm webm)
         {         
             //Recover the user's local time
-            DateTimeOffset localTime = request.RootElement.GetProperty("localtime").GetDateTimeOffset();
+            if(!request.RootElement.TryGetProperty("localtime", out JsonElement ltEl) 
+                && ltEl.TryGetDateTimeOffset(out DateTimeOffset localTime))
+            {
+                webm.Result = MFA_ERROR_MESSAGE;
+                return;
+            }
 
             //Check mode
             switch (upgrade.Type)
@@ -345,7 +350,7 @@ namespace VNLib.Plugins.Essentials.Accounts.Endpoints
                         uint code = request.RootElement.GetProperty("code").GetUInt32();
 
                         //Verify totp code
-                        if (!MultiFactor!.VerifyTOTP(user, code))
+                        if (!MultiFactor.VerifyTOTP(user, code))
                         {
                             webm.Result = "Please check your code.";