From c2e55ead53563153512427debcc5f19e16f37208 Mon Sep 17 00:00:00 2001
From: Ylian Saint-Hilaire <ysainthilaire@hotmail.com>
Date: Wed, 29 Apr 2020 11:28:34 -0700
Subject: [PATCH] Fixed SMS/Email button on login page.

---
 webserver.js | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/webserver.js b/webserver.js
index 80bfdcbf..0f4fe730 100644
--- a/webserver.js
+++ b/webserver.js
@@ -959,6 +959,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
         delete req.session.tokenusername;
         delete req.session.tokenpassword;
         delete req.session.tokenemail;
+        delete req.session.tokensms;
         delete req.session.messageid;
         delete req.session.passhint;
         delete req.session.cuserid;
@@ -1118,6 +1119,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
             delete req.session.resettokenusername;
             delete req.session.resettokenpassword;
             delete req.session.tokenemail;
+            delete req.session.tokensms;
             delete req.session.messageid;
             delete req.session.passhint;
             delete req.session.cuserid;
@@ -1180,6 +1182,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
                 delete req.session.resettokenusername;
                 delete req.session.resettokenpassword;
                 delete req.session.tokenemail;
+                delete req.session.tokensms;
                 delete req.session.messageid;
                 delete req.session.passhint;
                 delete req.session.cuserid;
@@ -1969,9 +1972,9 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
         if (hardwareKeyChallenge) { hwstate = obj.parent.encodeCookie({ u: req.session.tokenusername, p: req.session.tokenpassword, c: req.session.u2fchallenge }, obj.parent.loginCookieEncryptionKey) }
 
         // Check if we can use OTP tokens with email
-        var otpemail = (parent.mailserver != null) && (req.session != null) && (req.session.tokenemail != null);
+        var otpemail = (parent.mailserver != null) && (req.session != null) && (req.session.tokenemail == true);
         if ((typeof domain.passwordrequirements == 'object') && (domain.passwordrequirements.email2factor == false)) { otpemail = false; }
-        var otpsms = (parent.smsserver != null) && (req.session != null) && (req.session.tokensms != null);
+        var otpsms = (parent.smsserver != null) && (req.session != null) && (req.session.tokensms == true);
         if ((typeof domain.passwordrequirements == 'object') && (domain.passwordrequirements.sms2factor == false)) { otpsms = false; }
 
         // Render the login page