Add option for administrator to reset user 2FA (#14243)

* Frontend * Backend * only show 2FA-Reset option if posible
2025-07-23 10:48:37 +00:00 · 2021-01-05 13:54:48 +00:00
parent 15a475b7db
commit 325add71cf
4 changed files with 35 additions and 0 deletions
--- a/routers/admin/users.go
+++ b/routers/admin/users.go
@@ -183,6 +183,16 @@ func prepareUserInfo(ctx *context.Context) *models.User {
 	}
 	ctx.Data["Sources"] = sources

+	ctx.Data["TwoFactorEnabled"] = true
+	_, err = models.GetTwoFactorByUID(u.ID)
+	if err != nil {
+		if !models.IsErrTwoFactorNotEnrolled(err) {
+			ctx.InternalServerError(err)
+			return nil
+		}
+		ctx.Data["TwoFactorEnabled"] = false
+	}
+
 	return u
 }

@@ -259,6 +269,19 @@ func EditUserPost(ctx *context.Context, form auth.AdminEditUserForm) {
 		u.HashPassword(form.Password)
 	}

+	if form.Reset2FA {
+		tf, err := models.GetTwoFactorByUID(u.ID)
+		if err != nil && !models.IsErrTwoFactorNotEnrolled(err) {
+			ctx.InternalServerError(err)
+			return
+		}
+
+		if err = models.DeleteTwoFactorByID(tf.ID, u.ID); err != nil {
+			ctx.InternalServerError(err)
+			return
+		}
+	}
+
 	u.LoginName = form.LoginName
 	u.FullName = form.FullName
 	u.Email = form.Email