From f271c6a3fc4cb1f1656eaa46303cfb2669ab7249 Mon Sep 17 00:00:00 2001
From: Ad Schellevis <ad@opnsense.org>
Date: Tue, 3 Dec 2024 21:45:29 +0100
Subject: [PATCH] system: fix TOTP regression when used with LDAP, although
 https://github.com/opnsense/core/commit/ae97263e was the right fix, it
 assumes other children also implement _authenticate()

---
 src/opnsense/mvc/app/library/OPNsense/Auth/LDAP.php | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/src/opnsense/mvc/app/library/OPNsense/Auth/LDAP.php b/src/opnsense/mvc/app/library/OPNsense/Auth/LDAP.php
index 2746ebd27..443162324 100644
--- a/src/opnsense/mvc/app/library/OPNsense/Auth/LDAP.php
+++ b/src/opnsense/mvc/app/library/OPNsense/Auth/LDAP.php
@@ -473,12 +473,23 @@ class LDAP extends Base implements IAuthConnector
     }
 
     /**
-     * authenticate user against ldap server
+     * authenticate user against ldap server without Base's timer
      * @param string $username username to authenticate
      * @param string $password user password
      * @return bool authentication status
      */
     public function authenticate($username, $password)
+    {
+        return $this->_authenticate($username, $password);
+    }
+
+    /**
+     * authenticate user against ldap server, implementation as described in Base class
+     * @param string $username username to authenticate
+     * @param string $password user password
+     * @return bool authentication status
+     */
+    protected function _authenticate($username, $password)
     {
         $ldap_is_connected = false;
         $user_dn = null;