diff --git a/packages/backend/src/server/api/private/signin.ts b/packages/backend/src/server/api/private/signin.ts
index e8b222a4d5..0024b8ce3e 100644
--- a/packages/backend/src/server/api/private/signin.ts
+++ b/packages/backend/src/server/api/private/signin.ts
@@ -20,18 +20,6 @@ export default async (ctx: Koa.Context) => {
const instance = await fetchMeta(true);
- if (instance.enableHcaptcha && instance.hcaptchaSecretKey) {
- await verifyHcaptcha(instance.hcaptchaSecretKey, body['hcaptcha-response']).catch(e => {
- ctx.throw(400, e);
- });
- }
-
- if (instance.enableRecaptcha && instance.recaptchaSecretKey) {
- await verifyRecaptcha(instance.recaptchaSecretKey, body['g-recaptcha-response']).catch(e => {
- ctx.throw(400, e);
- });
- }
-
const username = body['username'];
const password = body['password'];
const token = body['token'];
@@ -96,6 +84,18 @@ export default async (ctx: Koa.Context) => {
}
if (!profile.twoFactorEnabled) {
+ if (instance.enableHcaptcha && instance.hcaptchaSecretKey) {
+ await verifyHcaptcha(instance.hcaptchaSecretKey, body['hcaptcha-response']).catch(e => {
+ ctx.throw(400, e);
+ });
+ }
+
+ if (instance.enableRecaptcha && instance.recaptchaSecretKey) {
+ await verifyRecaptcha(instance.recaptchaSecretKey, body['g-recaptcha-response']).catch(e => {
+ ctx.throw(400, e);
+ });
+ }
+
if (same) {
signin(ctx, user);
return;
diff --git a/packages/client/src/components/signin.vue b/packages/client/src/components/signin.vue
index 4f88e1829c..d140e143d3 100644
--- a/packages/client/src/components/signin.vue
+++ b/packages/client/src/components/signin.vue
@@ -11,6 +11,8 @@
+