From c66f3355ec363e5bc5bfed70c9621cdb55de63be Mon Sep 17 00:00:00 2001
From: Polianin Nikita <nikitkapolyanin@yandex.ru>
Date: Wed, 25 Dec 2024 05:48:22 +0300
Subject: [PATCH] feat: add logging for empty secret

---
 Security/Services/AuthService.cs | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/Security/Services/AuthService.cs b/Security/Services/AuthService.cs
index f36ad6d..4951608 100644
--- a/Security/Services/AuthService.cs
+++ b/Security/Services/AuthService.cs
@@ -145,7 +145,13 @@ public class AuthService(ICacheService cache, IAccessToken accessTokenService, I
             case TwoFactorAuthenticator.Totp:
                 {
                     if (string.IsNullOrEmpty(firstTokenAuth.Secret))
+                    {
+                        logger.LogWarning("The user {Fingerprint} for {UserId} tried to pass the 2FA even though the secret is empty",
+                            requestContext.Fingerprint,
+                            firstTokenAuth.UserId);
+
                         throw new InvalidOperationException("Required authentication data is missing.");
+                    }
 
                     var totp = new TotpService(firstTokenAuth.Secret);