Allow removing users two factors

Daniel García 2019-08-21 17:13:06 +02:00
parent d23d4f2c1d
commit 026f9da035
No known key found for this signature in database
GPG Key ID: FC8A7D14C3CD543A
3 changed files with 27 additions and 6 deletions


@ -28,6 +28,7 @@ pub fn routes() -> Vec<Route> {
invite_user, invite_user,
delete_user, delete_user,
deauth_user, deauth_user,
remove_2fa,
update_revision_users, update_revision_users,
post_config, post_config,
delete_config, delete_config,
@ -196,6 +197,18 @@ fn deauth_user(uuid: String, _token: AdminToken, conn: DbConn) -> EmptyResult {
user.save(&conn) user.save(&conn)
} }
#[post("/users/<uuid>/remove-2fa")]
fn remove_2fa(uuid: String, _token: AdminToken, conn: DbConn) -> EmptyResult {
let mut user = match User::find_by_uuid(&uuid, &conn) {
Some(user) => user,
None => err!("User doesn't exist"),
};
TwoFactor::delete_all_by_user(&user.uuid, &conn)?;
user.totp_recover = None;
user.save(&conn)
}
#[post("/users/update_revision")] #[post("/users/update_revision")]
fn update_revision_users(_token: AdminToken, conn: DbConn) -> EmptyResult { fn update_revision_users(_token: AdminToken, conn: DbConn) -> EmptyResult {
User::update_all_revisions(&conn) User::update_all_revisions(&conn)
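Review bot: `remove_2fa` leaves no record that an admin lowered a user's login protection: the handler deletes every second factor, clears `totp_recover` and returns, with no log entry or notice to the account owner visible in this hunk. A line before `user.save(&conn)` such as `info!("Admin removed all 2FA for user {}", user.uuid);` (assuming the `log` macros are in scope in this file) would give responders something to correlate if the admin token is ever misused. Separately, if `user.save` fails after `delete_all_by_user` has succeeded, the user ends up with no second factor but a recovery code still stored. It may be worth noting in a comment that the two writes are not atomic.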


@ -95,9 +95,7 @@ fn recover(data: JsonUpcase<RecoverTwoFactor>, conn: DbConn) -> JsonResult {
} }
// Remove all twofactors from the user // Remove all twofactors from the user
for twofactor in TwoFactor::find_by_user(&user.uuid, &conn) { TwoFactor::delete_all_by_user(&user.uuid, &conn)?;
twofactor.delete(&conn)?;
}
// Remove the recovery code, not needed without twofactors // Remove the recovery code, not needed without twofactors
user.totp_recover = None; user.totp_recover = None;


@ -26,9 +26,13 @@
{{/each}} {{/each}}
</span> </span>
</div> </div>
<div style="flex: 0 0 240px;"> <div style="flex: 0 0 300px; font-size: 90%; text-align: right; padding-right: 15px">
<a class="mr-3" href="#" onclick='deauthUser({{jsesc Id}})'>Deauthorize sessions</a> {{#if TwoFactorEnabled}}
<a class="mr-3" href="#" onclick='deleteUser({{jsesc Id}}, {{jsesc Email}})'>Delete User</a> <a class="mr-2" href="#" onclick='remove2fa({{jsesc Id}})'>Remove all 2FA</a>
{{/if}}
<a class="mr-2" href="#" onclick='deauthUser({{jsesc Id}})'>Deauthorize sessions</a>
<a class="mr-2" href="#" onclick='deleteUser({{jsesc Id}}, {{jsesc Email}})'>Delete User</a>
</div> </div>
</div> </div>
</div> </div>
@ -227,6 +231,12 @@
} }
return false; return false;
} }
function remove2fa(id) {
_post("/admin/users/" + id + "/remove-2fa",
"2FA removed correctly",
"Error removing 2FA");
return false;
}
function deauthUser(id) { function deauthUser(id) {
_post("/admin/users/" + id + "/deauth", _post("/admin/users/" + id + "/deauth",
"Sessions deauthorized correctly", "Sessions deauthorized correctly",
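Review bot: `remove2fa` in the second hunk fires its POST on a single click, so a mis-click on the link next to "Deauthorize sessions" strips the user's second factor and recovery code with no chance to back out. A guard at the top of the function, `if (!confirm("Remove all 2FA methods for this user?")) { return false; }`, would make the downgrade a deliberate action. The `{{#if TwoFactorEnabled}}` wrapper in the first hunk only hides the link. The endpoint itself is still reachable for any user id, so the server-side handler remains the real control.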