Add option for administrator to reset user 2FA (#14243)

* Frontend

* Backend

* only show 2FA-Reset option if posible
This commit is contained in:
6543 2021-01-05 13:54:48 +00:00 committed by GitHub
parent 15a475b7db
commit 325add71cf
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 35 additions and 0 deletions

View file

@ -42,6 +42,7 @@ type AdminEditUserForm struct {
AllowImportLocal bool
AllowCreateOrganization bool
ProhibitLogin bool
Reset2FA bool `form:"reset_2fa"`
}
// Validate validates form fields

View file

@ -2116,6 +2116,7 @@ users.delete_account = Delete User Account
users.still_own_repo = This user still owns one or more repositories. Delete or transfer these repositories first.
users.still_has_org = This user is a member of an organization. Remove the user from any organizations first.
users.deletion_success = The user account has been deleted.
users.reset_2fa = Reset 2FA
emails.email_manage_panel = User Email Management
emails.primary = Primary

View file

@ -183,6 +183,16 @@ func prepareUserInfo(ctx *context.Context) *models.User {
}
ctx.Data["Sources"] = sources
ctx.Data["TwoFactorEnabled"] = true
_, err = models.GetTwoFactorByUID(u.ID)
if err != nil {
if !models.IsErrTwoFactorNotEnrolled(err) {
ctx.InternalServerError(err)
return nil
}
ctx.Data["TwoFactorEnabled"] = false
}
return u
}
@ -259,6 +269,19 @@ func EditUserPost(ctx *context.Context, form auth.AdminEditUserForm) {
u.HashPassword(form.Password)
}
if form.Reset2FA {
tf, err := models.GetTwoFactorByUID(u.ID)
if err != nil && !models.IsErrTwoFactorNotEnrolled(err) {
ctx.InternalServerError(err)
return
}
if err = models.DeleteTwoFactorByID(tf.ID, u.ID); err != nil {
ctx.InternalServerError(err)
return
}
}
u.LoginName = form.LoginName
u.FullName = form.FullName
u.Email = form.Email

View file

@ -110,6 +110,16 @@
</div>
{{end}}
{{if .TwoFactorEnabled}}
<div class="ui divider"></div>
<div class="inline field">
<div class="ui checkbox">
<label><strong>{{.i18n.Tr "admin.users.reset_2fa"}}</strong></label>
<input name="reset_2fa" type="checkbox">
</div>
</div>
{{end}}
<div class="ui divider"></div>
<div class="field">