authenticate_user: pass undef instead of empty $tfa_challenge to authenticate_2nd_new

just above, we check & return if $tfa_challenge is set, so there is no
way that it would be set here. To make it clearer that it must be undef
here pass it as such.

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>

diff --git a/src/PVE/AccessControl.pm b/src/PVE/AccessControl.pm
index 3d77bed0650a682c2f3eb2cb822695eba1c7fee5..5addcbfa46208169632782b6b43edf3131f8559d 100644 (file)
--- a/src/PVE/AccessControl.pm
+++ b/src/PVE/AccessControl.pm
@@ -746,7 +746,7 @@ sub authenticate_user : prototype($$$$;$) {
 
     if ($new_format) {
        # This is the first factor with an optional immediate 2nd factor for TOTP:
-       my $tfa_challenge = authenticate_2nd_new($username, $realm, $otp, $tfa_challenge);
+       my $tfa_challenge = authenticate_2nd_new($username, $realm, $otp, undef);
        return wantarray ? ($username, $tfa_challenge) : $username;
     } else {
        return authenticate_2nd_old($username, $realm, $otp);