From 630399c3c8cae1f1e3c1bd8004fd8e611244fd92 Mon Sep 17 00:00:00 2001
From: Uwe Steinmann <steinm@debian.org>
Date: Wed, 1 Oct 2025 09:56:31 +0200
Subject: [PATCH] allow logout if 2-factor auth is enforced

---
 inc/inc.Authentication.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/inc/inc.Authentication.php b/inc/inc.Authentication.php
index 2ee7bbbc6..45153fb2d 100644
--- a/inc/inc.Authentication.php
+++ b/inc/inc.Authentication.php
@@ -144,7 +144,7 @@ if (!$user->isAdmin() && $origuser == null) {
  * already on the page Setup2Factor.php and no user substiation has occured.
  */
 if($settings->_enable2FactorAuthentication && $settings->_guestID != $user->getID() && $settings->_autoLoginUser != $user->getID() && $origuser == null && $user->getSecret() == '') {
-	if(basename($_SERVER['SCRIPT_NAME']) != 'out.Setup2Factor.php' && basename($_SERVER['SCRIPT_NAME']) != 'op.Setup2Factor.php') {
+	if(!in_array(basename($_SERVER['SCRIPT_NAME']), ['out.Setup2Factor.php', 'op.Setup2Factor.php', 'op.Logout.php'])) {
 		header("Location: ../out/out.Setup2Factor.php");
 		exit;
 	}