From f22148660beb14e73baf1cfcaa16611986a8b151 Mon Sep 17 00:00:00 2001
From: Jussi Aho <jussiaho@users.noreply.github.com>
Date: Thu, 23 Feb 2023 12:49:07 +0200
Subject: [PATCH] Use correct User model if overwritten in config

Two factor authentication doesn't work if the User model has been changed in the config from the modules own model class. This fix gets the correct User model from the class map.
---
 src/User/Controller/SecurityController.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/User/Controller/SecurityController.php b/src/User/Controller/SecurityController.php
index d7a3205..c49cf79 100644
--- a/src/User/Controller/SecurityController.php
+++ b/src/User/Controller/SecurityController.php
@@ -221,9 +221,10 @@ class SecurityController extends Controller
             $validators = $module->twoFactorAuthenticationValidators;
             $credentials = Yii::$app->session->get('credentials');
             $login = $credentials['login'];
-            $user = User::findOne(['email' => $login]);
+            $userModel = $this->getClassMap()->get(User::class);
+            $user = $userModel::findOne(['email' => $login]);
             if ($user == null) {
-                $user = User::findOne(['username' => $login]);
+                $user = $userModel::findOne(['username' => $login]);
             }
             $tfType = $user->getAuthTfType();