diff --git a/lib/api/2fa/custom.js b/lib/api/2fa/custom.js index 069b052c..8302a2c0 100644 --- a/lib/api/2fa/custom.js +++ b/lib/api/2fa/custom.js @@ -189,7 +189,7 @@ module.exports = (db, server, userHandler) => { return next(); } - if (disabled2fa && typeof req.accessToken.update === 'function') { + if (disabled2fa && req.accessToken && typeof req.accessToken.update === 'function') { try { // update access token data for current session after U2F enabled await req.accessToken.update(); diff --git a/lib/api/2fa/totp.js b/lib/api/2fa/totp.js index 24a34ffa..9131f640 100644 --- a/lib/api/2fa/totp.js +++ b/lib/api/2fa/totp.js @@ -208,7 +208,7 @@ module.exports = (db, server, userHandler) => { return next(); } - if (disabled2fa && typeof req.accessToken.update === 'function') { + if (disabled2fa && req.accessToken && typeof req.accessToken.update === 'function') { try { // update access token data for current session after U2F enabled await req.accessToken.update(); diff --git a/lib/api/2fa/u2f.js b/lib/api/2fa/u2f.js index 1f3dcdac..043d853b 100644 --- a/lib/api/2fa/u2f.js +++ b/lib/api/2fa/u2f.js @@ -158,7 +158,7 @@ module.exports = (db, server, userHandler) => { return next(); } - if (disabled2fa && typeof req.accessToken.update === 'function') { + if (disabled2fa && req.accessToken && typeof req.accessToken.update === 'function') { try { // update access token data for current session after U2F enabled await req.accessToken.update(); diff --git a/lib/api/users.js b/lib/api/users.js index 960e77b5..6e2ad9a8 100644 --- a/lib/api/users.js +++ b/lib/api/users.js @@ -1511,7 +1511,7 @@ module.exports = (db, server, userHandler) => { } let { success, passwordChanged } = updateResponse || {}; - if (passwordChanged && typeof req.accessToken.update === 'function') { + if (passwordChanged && req.accessToken && typeof req.accessToken.update === 'function') { try { // update access token data for current session after password change await req.accessToken.update();