diff --git a/src/api/core/two_factor/email.rs b/src/api/core/two_factor/email.rs index 938a202..97e55df 100644 --- a/src/api/core/two_factor/email.rs +++ b/src/api/core/two_factor/email.rs @@ -55,10 +55,18 @@ fn send_email_login(data: JsonUpcase, conn: DbConn) -> Empty err!("Email 2FA is disabled") } + send_token(&user.uuid, &conn)?; + + Ok(()) +} + +/// Generate the token, save the data for later verification and send email to user +pub fn send_token(user_uuid: &str, conn: &DbConn) -> EmptyResult { let type_ = TwoFactorType::Email as i32; - let mut twofactor = TwoFactor::find_by_user_and_type(&user.uuid, type_, &conn)?; + let mut twofactor = TwoFactor::find_by_user_and_type(user_uuid, type_, &conn)?; let generated_token = generate_token(CONFIG.email_token_size())?; + let mut twofactor_data = EmailTokenData::from_json(&twofactor.data)?; twofactor_data.set_token(generated_token); twofactor.data = twofactor_data.to_json(); diff --git a/src/api/identity.rs b/src/api/identity.rs index 03460eb..7a2ef13 100644 --- a/src/api/identity.rs +++ b/src/api/identity.rs @@ -293,13 +293,19 @@ fn _json_err_twofactor(providers: &[i32], user_uuid: &str, conn: &DbConn) -> Api } Some(tf_type @ TwoFactorType::Email) => { + use crate::api::core::two_factor as _tf; + let twofactor = match TwoFactor::find_by_user_and_type(user_uuid, tf_type as i32, &conn) { Some(tf) => tf, None => err!("No twofactor email registered"), }; - let email_data = EmailTokenData::from_json(&twofactor.data)?; + // Send email immediately if email is the only 2FA option + if providers.len() == 1 { + _tf::email::send_token(&user_uuid, &conn)? + } + let email_data = EmailTokenData::from_json(&twofactor.data)?; result["TwoFactorProviders2"][provider.to_string()] = json!({ "Email": email::obscure_email(&email_data.email), })