auth: fix re-auth 2FA error message not showing up

There was a confusing error message instead: [403] Access token does not have sufficient scope Which just meant the access token was used without completing 2FA.
emersion · Nov 23, 2021 · fd518b5 · fd518b5
1 parent 9aeff31
commit fd518b5
Showing 1 changed file with 4 additions and 4 deletions.
diff --git a/auth/auth.go b/auth/auth.go
@@ -119,14 +119,14 @@ func authenticate(c *protonmail.Client, cachedAuth *CachedAuth, username string)
 			return nil, fmt.Errorf("cannot re-authenticate: failed to get auth info: %v", err)
 		}
 
-		if cachedAuth.TwoFactor.Enabled == 1 {
-			return nil, fmt.Errorf("cannot re-authenticate: two factor authentication enabled, please login manually")
-		}
-
 		auth, err = c.Auth(username, cachedAuth.LoginPassword, authInfo)
 		if err != nil {
 			return nil, fmt.Errorf("cannot re-authenticate: %v", err)
 		}
+
+		if auth.TwoFactor.Enabled == 1 {
+			return nil, fmt.Errorf("cannot re-authenticate: two factor authentication enabled, please login again manually")
+		}
 	} else if err != nil {
 		return nil, err
 	}