From e723cb1d3c946f9a5f7682a582795149c9fcfb4c Mon Sep 17 00:00:00 2001
From: vnugent <public@vaughnnugent.com>
Date: Sun, 17 Dec 2023 17:39:10 -0500
Subject: collect local time will check drift later

---
 .../src/Endpoints/LoginEndpoint.cs                               | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/plugins/VNLib.Plugins.Essentials.Accounts/src/Endpoints/LoginEndpoint.cs b/plugins/VNLib.Plugins.Essentials.Accounts/src/Endpoints/LoginEndpoint.cs
index 2475f36..ee16a93 100644
--- a/plugins/VNLib.Plugins.Essentials.Accounts/src/Endpoints/LoginEndpoint.cs
+++ b/plugins/VNLib.Plugins.Essentials.Accounts/src/Endpoints/LoginEndpoint.cs
@@ -334,7 +334,12 @@ namespace VNLib.Plugins.Essentials.Accounts.Endpoints
         private void LoginMfa(HttpEntity entity, IUser user, JsonDocument request, MFAUpgrade upgrade, MfaUpgradeWebm webm)
         {         
             //Recover the user's local time
-            DateTimeOffset localTime = request.RootElement.GetProperty("localtime").GetDateTimeOffset();
+            if(!request.RootElement.TryGetProperty("localtime", out JsonElement ltEl) 
+                && ltEl.TryGetDateTimeOffset(out DateTimeOffset localTime))
+            {
+                webm.Result = MFA_ERROR_MESSAGE;
+                return;
+            }
 
             //Check mode
             switch (upgrade.Type)
@@ -345,7 +350,7 @@ namespace VNLib.Plugins.Essentials.Accounts.Endpoints
                         uint code = request.RootElement.GetProperty("code").GetUInt32();
 
                         //Verify totp code
-                        if (!MultiFactor!.VerifyTOTP(user, code))
+                        if (!MultiFactor.VerifyTOTP(user, code))
                         {
                             webm.Result = "Please check your code.";
 
-- 
cgit