oauth authorize: if totp request is present, redirect to totp verification page (since auth is not complete)

crates/ezidam/src/routes/oauth/authorize.rs

@@ -15,7 +15,8 @@ pub async fn authorize_page(
     user: Option<JwtUser>,
     flash: Option<FlashMessage<'_>>,
     auth_request: AuthenticationRequest<'_>,
-) -> Result<Template> {
+    totp_request: Option<TotpRequest>,
+) -> Result<Either<Template, Redirect>> {
     let mut transaction = db.begin().await?;
 
     // Get app info
@@ -32,15 +33,24 @@ pub async fn authorize_page(
 
     transaction.commit().await?;
 
+    if totp_request.is_some() {
+        // Redirect to totp verification page
+        return Ok(Either::Right(Redirect::to(uri!(
+            crate::routes::oauth::totp_page(auth_request)
+        ))));
+    }
+
     let page = Page::Authorize(super::content::Authorize {
         app_name: app.label().into(),
         business_name: settings.business_name().into(),
         user: user.map(|user| user.0),
     });
 
-    Ok(flash
+    Ok(Either::Left(
-        .map(|flash| Page::with_flash(page.clone(), flash))
+        flash
-        .unwrap_or_else(|| page.into()))
+            .map(|flash| Page::with_flash(page.clone(), flash))
+            .unwrap_or_else(|| page.into()),
+    ))
 }
 
 #[get("/oauth/authorize", rank = 2)]