From b1c669dfa846582ca855eecf6800cb3caceb74d3 Mon Sep 17 00:00:00 2001
From: netkas <netkas@n64.cc>
Date: Wed, 29 Jan 2025 15:40:14 -0500
Subject: [PATCH] Added check if the peer is enabled and if it uses a password,
 a password check is required to set the otp post registration

---
 .../Classes/StandardMethods/SettingsSetOtp.php   | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/src/Socialbox/Classes/StandardMethods/SettingsSetOtp.php b/src/Socialbox/Classes/StandardMethods/SettingsSetOtp.php
index 1c959cf..be07301 100644
--- a/src/Socialbox/Classes/StandardMethods/SettingsSetOtp.php
+++ b/src/Socialbox/Classes/StandardMethods/SettingsSetOtp.php
@@ -37,13 +37,21 @@
                 throw new StandardException('Failed to check One Time Password due to an internal exception', StandardError::INTERNAL_SERVER_ERROR, $e);
             }
 
-            try
+            if($peer->isEnabled())
             {
-                $usesPassword = PasswordManager::usesPassword($peer);
+                try
+                {
+                    // If the peer is disabled, the password is not used because we assume the peer is registering
+                    $usesPassword = PasswordManager::usesPassword($peer);
+                }
+                catch (DatabaseOperationException $e)
+                {
+                    throw new StandardException('Failed to check password usage due to an internal exception', StandardError::INTERNAL_SERVER_ERROR, $e);
+                }
             }
-            catch (DatabaseOperationException $e)
+            else
             {
-                throw new StandardException('Failed to check password usage due to an internal exception', StandardError::INTERNAL_SERVER_ERROR, $e);
+                $usesPassword = false;
             }
 
             // Password verification is required to set an OTP if a password is set