From 1e2c57d8e856f1c40f100c59c48a36676973a689 Mon Sep 17 00:00:00 2001
From: "byte[]"
Date: Fri, 23 Oct 2020 00:26:49 -0400
Subject: [PATCH] only update usage counters on valid TOTP (fixes philomena-dev/philomena#50)
---
 lib/philomena_web/user_auth.ex | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/lib/philomena_web/user_auth.ex b/lib/philomena_web/user_auth.ex
index 5aba0899..deea0dd9 100644
--- a/lib/philomena_web/user_auth.ex
+++ b/lib/philomena_web/user_auth.ex
@@ -124,7 +124,16 @@ defmodule PhilomenaWeb.UserAuth do
 user = user_token && Users.get_user_by_session_token(user_token)
 totp = totp_token && Users.user_totp_token_valid?(user, totp_token)
- if user, do: update_usages(conn, user)
+ cond do
+ user && user.otp_required_for_login && totp ->
+ update_usages(conn, user)
+
+ user && !user.otp_required_for_login ->
+ update_usages(conn, user)
+
+ true ->
+ nil
+ end
 conn
 |> assign(:current_user, user)
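Review bot: The new `cond` gates only `update_usages/2` on the TOTP result, while the context line `|> assign(:current_user, user)` just below it still runs for a session whose second factor has not validated. Presumably a later plug rejects such sessions, but that is not visible here (the enclosing function starts and ends outside the hunk), so a comment such as `# TOTP is enforced in <plug name>; this check only gates usage tracking` would stop a reader from taking this block for the authentication decision. The two branches that call `update_usages(conn, user)` also express a single predicate and could be written as `if user && (!user.otp_required_for_login || totp), do: update_usages(conn, user)`, which keeps the security condition in one place. Separately, the unchanged `totp =` line calls `Users.user_totp_token_valid?(user, totp_token)` even when `user` is nil, so it is worth confirming that function returns false rather than raising in that case.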