From 96811a88749b7cc763f721ecebca20006ed08289 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bart=C5=82omiej=20Dach?= <dach.bartlomiej@gmail.com>
Date: Mon, 29 Jan 2024 09:13:44 +0100
Subject: [PATCH] Fix `APIAccess` spamming requests while waiting for second
 factor

---
 osu.Game/Online/API/APIAccess.cs | 60 +++++++++++++++++---------------
 1 file changed, 31 insertions(+), 29 deletions(-)

diff --git a/osu.Game/Online/API/APIAccess.cs b/osu.Game/Online/API/APIAccess.cs
index 8b369d0f3f..52506e4b12 100644
--- a/osu.Game/Online/API/APIAccess.cs
+++ b/osu.Game/Online/API/APIAccess.cs
@@ -269,42 +269,44 @@ namespace osu.Game.Online.API
                 }
             }
 
-            var userReq = new GetMeRequest();
-            userReq.Failure += ex =>
+            if (state.Value != APIState.RequiresSecondFactorAuth)
             {
-                if (ex is APIException)
+                var userReq = new GetMeRequest();
+                userReq.Failure += ex =>
                 {
-                    LastLoginError = ex;
-                    log.Add($@"Login failed for username {ProvidedUsername} on user retrieval ({LastLoginError.Message})!");
-                    Logout();
-                }
-                else if (ex is WebException webException && webException.Message == @"Unauthorized")
+                    if (ex is APIException)
+                    {
+                        LastLoginError = ex;
+                        log.Add($@"Login failed for username {ProvidedUsername} on user retrieval ({LastLoginError.Message})!");
+                        Logout();
+                    }
+                    else if (ex is WebException webException && webException.Message == @"Unauthorized")
+                    {
+                        log.Add(@"Login no longer valid");
+                        Logout();
+                    }
+                    else
+                    {
+                        state.Value = APIState.Failing;
+                    }
+                };
+                userReq.Success += me =>
                 {
-                    log.Add(@"Login no longer valid");
-                    Logout();
-                }
-                else
+                    me.Status.Value = configStatus.Value ?? UserStatus.Online;
+
+                    setLocalUser(me);
+
+                    state.Value = me.SessionVerified ? APIState.Online : APIState.RequiresSecondFactorAuth;
+                    failureCount = 0;
+                };
+
+                if (!handleRequest(userReq))
                 {
                     state.Value = APIState.Failing;
+                    return;
                 }
-            };
-            userReq.Success += me =>
-            {
-                me.Status.Value = configStatus.Value ?? UserStatus.Online;
-
-                setLocalUser(me);
-
-                state.Value = me.SessionVerified ? APIState.Online : APIState.RequiresSecondFactorAuth;
-                failureCount = 0;
-            };
-
-            if (!handleRequest(userReq))
-            {
-                state.Value = APIState.Failing;
-                return;
             }
-
-            if (state.Value == APIState.RequiresSecondFactorAuth)
+            else
             {
                 if (string.IsNullOrEmpty(SecondFactorCode))
                     return;