Always return success from auth-dialog
We want to store the secrets even when we ultimately failed to log in. This was slightly suboptimal even before, when we were failing to remember things like the 'autoconnect' and 'certsigs' secrets. But now with HOTP it's particularly important that we keep track of which tokens have been used *even* if we end up failing to log in. Even if we don't get a valid login cookie, it's OK to return success.
parent
b3815e96
Please register or sign in to comment