
Allow removing users two factors

Daniel García 6 years ago
parent
commit
026f9da035
3 changed files with 27 additions and 6 deletions
  1. 13 0
      src/api/admin.rs
  2. 1 3
      src/api/core/two_factor.rs
  3. 13 3
      src/static/templates/admin/page.hbs

+ 13 - 0
src/api/admin.rs

@@ -28,6 +28,7 @@ pub fn routes() -> Vec<Route> {
         invite_user,
         delete_user,
         deauth_user,
+        remove_2fa,
         update_revision_users,
         post_config,
         delete_config,
@@ -196,6 +197,18 @@ fn deauth_user(uuid: String, _token: AdminToken, conn: DbConn) -> EmptyResult {
     user.save(&conn)
 }
 
+#[post("/users/<uuid>/remove-2fa")]
+fn remove_2fa(uuid: String, _token: AdminToken, conn: DbConn) -> EmptyResult {
+    let mut user = match User::find_by_uuid(&uuid, &conn) {
+        Some(user) => user,
+        None => err!("User doesn't exist"),
+    };
+
+    TwoFactor::delete_all_by_user(&user.uuid, &conn)?;
+    user.totp_recover = None;
+    user.save(&conn)
+}
+
 #[post("/users/update_revision")]
 fn update_revision_users(_token: AdminToken, conn: DbConn) -> EmptyResult {
     User::update_all_revisions(&conn)
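Review bot: `remove_2fa` weakens an account's authentication but leaves no record of it. The added handler deletes every second factor and clears `totp_recover` without logging which user was affected, so a misused or stolen admin token cannot be traced afterwards. I would log the affected user's UUID once `user.save(&conn)` succeeds, using whatever logging facility the crate already has (none is visible in this hunk), and add a doc comment such as `/// Removes all second factors and the recovery code for the given user; reachable only through the AdminToken guard.`. The handler also leaves existing sessions untouched as far as this hunk shows; if that is intended because `deauth_user` is a separate action, the doc comment should say so. The body of `update_revision_users` continues outside the hunk.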

+ 1 - 3
src/api/core/two_factor.rs

@@ -95,9 +95,7 @@ fn recover(data: JsonUpcase<RecoverTwoFactor>, conn: DbConn) -> JsonResult {
     }
 
     // Remove all twofactors from the user
-    for twofactor in TwoFactor::find_by_user(&user.uuid, &conn) {
-        twofactor.delete(&conn)?;
-    }
+    TwoFactor::delete_all_by_user(&user.uuid, &conn)?;
 
     // Remove the recovery code, not needed without twofactors
     user.totp_recover = None;

+ 13 - 3
src/static/templates/admin/page.hbs

@@ -26,9 +26,13 @@
                                 {{/each}}
                             </span>
                         </div>
-                        <div style="flex: 0 0 240px;">
-                            <a class="mr-3" href="#" onclick='deauthUser({{jsesc Id}})'>Deauthorize sessions</a>
-                            <a class="mr-3" href="#" onclick='deleteUser({{jsesc Id}}, {{jsesc Email}})'>Delete User</a>
+                        <div style="flex: 0 0 300px; font-size: 90%; text-align: right; padding-right: 15px">
+                            {{#if TwoFactorEnabled}}
+                            <a class="mr-2" href="#" onclick='remove2fa({{jsesc Id}})'>Remove all 2FA</a>
+                            {{/if}}
+
+                            <a class="mr-2" href="#" onclick='deauthUser({{jsesc Id}})'>Deauthorize sessions</a>
+                            <a class="mr-2" href="#" onclick='deleteUser({{jsesc Id}}, {{jsesc Email}})'>Delete User</a>
                         </div>
                     </div>
                 </div>
@@ -227,6 +231,12 @@
         }
         return false;
     }
+    function remove2fa(id) {
+        _post("/admin/users/" + id + "/remove-2fa",
+            "2FA removed correctly",
+            "Error removing 2FA");
+        return false;
+    }
     function deauthUser(id) {
         _post("/admin/users/" + id + "/deauth",
             "Sessions deauthorized correctly",
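Review bot: `remove2fa` sends the POST immediately with no confirmation step. The "Remove all 2FA" link added in the first hunk of this file sits directly beside "Deauthorize sessions", so a single misclick removes a user's second factors and recovery code with nothing to undo it. A guard at the top of the function would cover this: `if (!confirm("Remove all 2FA methods for this user?")) { return false; }`. `deauthUser` continues outside the hunk.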