From f7de4102feabc82bd633585ede7eb818253577ce Mon Sep 17 00:00:00 2001
From: pilcrowOnPaper <pilcrowonpaper@gmail.com>
Date: Sun, 6 Oct 2024 22:04:52 +0900
Subject: [PATCH] update totp

---
 src/routes/2fa/totp/setup/+page.server.ts | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/routes/2fa/totp/setup/+page.server.ts b/src/routes/2fa/totp/setup/+page.server.ts
index dd8d927..fb7eae8 100644
--- a/src/routes/2fa/totp/setup/+page.server.ts
+++ b/src/routes/2fa/totp/setup/+page.server.ts
@@ -18,6 +18,9 @@ export async function load(event: RequestEvent) {
 	if (event.locals.user.registered2FA && !event.locals.session.twoFactorVerified) {
 		return redirect(302, get2FARedirect(event.locals.user));
 	}
+	if (event.locals.user.registeredTOTP) {
+		return redirect(302, "/");
+	}
 
 	const totpKey = new Uint8Array(20);
 	crypto.getRandomValues(totpKey);
@@ -50,6 +53,11 @@ async function action(event: RequestEvent) {
 			message: "Forbidden"
 		});
 	}
+	if (event.locals.user.registeredTOTP) {
+		return fail(403, {
+			message: "Forbidden"
+		});
+	}
 	if (!totpUpdateBucket.check(event.locals.user.id, 1)) {
 		return fail(429, {
 			message: "Too many requests"