diff --git a/server/AyaNova/Controllers/AuthController.cs b/server/AyaNova/Controllers/AuthController.cs
index b43626a6..ad4c6185 100644
--- a/server/AyaNova/Controllers/AuthController.cs
+++ b/server/AyaNova/Controllers/AuthController.cs
@@ -665,7 +665,7 @@ namespace AyaNova.Api.Controllers
             }
 
           
-            var u = await ct.User.FirstOrDefaultAsync(z => z.Id == UserId);
+            var u = await ct.User.FirstOrDefaultAsync(z => z.Id == id);
             if (u == null)//should never happen but ?
                 return StatusCode(403, new ApiNotAuthorizedResponse());
 
diff --git a/server/AyaNova/models/User.cs b/server/AyaNova/models/User.cs
index eeb9ece3..55c52ec1 100644
--- a/server/AyaNova/models/User.cs
+++ b/server/AyaNova/models/User.cs
@@ -29,7 +29,7 @@ namespace AyaNova.Models
         public string Wiki { get; set; }
         public string CustomFields { get; set; }
         public List<string> Tags { get; set; }
-
+        public bool TwoFactorEnabled { get; set; }
         public DateTime? LastLogin { get; set; }
 
         [NotMapped, JsonIgnore]
@@ -59,7 +59,7 @@ namespace AyaNova.Models
         public DateTime? LastLogin { get; set; }
         public string Login { get; set; }
         public string Password { get; set; }
-        public bool TwoFactorEnabled {get;set;}
+        public bool TwoFactorEnabled { get; set; }
         [Required]
         public AuthorizationRoles Roles { get; set; }
         [Required]
@@ -98,7 +98,7 @@ namespace AyaNova.Models
         public DateTime? PasswordResetCodeExpire { get; set; }//---
         [JsonIgnore]
         public string TotpSecret { get; set; }//---
-         [JsonIgnore]
+        [JsonIgnore]
         public string TempToken { get; set; }//--- Used for TFA verification step 2
         //==========================