From b95c92707bec49572f1e8148c1aa05236730764b Mon Sep 17 00:00:00 2001
From: Rainnny7
Date: Thu, 19 Sep 2024 22:00:47 -0400
Subject: [PATCH] Basic disabling of TFA
---
 .../cc/pulseapp/api/controller/v1/UserController.java | 11 +++++++++++
 src/main/java/cc/pulseapp/api/model/user/User.java | 9 +++++++++
 .../java/cc/pulseapp/api/service/UserService.java | 11 +++++++++++
 3 files changed, 31 insertions(+)
diff --git a/src/main/java/cc/pulseapp/api/controller/v1/UserController.java b/src/main/java/cc/pulseapp/api/controller/v1/UserController.java
index 48a4434..ebd91c1 100644
--- a/src/main/java/cc/pulseapp/api/controller/v1/UserController.java
+++ b/src/main/java/cc/pulseapp/api/controller/v1/UserController.java
@@ -97,6 +97,17 @@ public final class UserController {
 return ResponseEntity.ok(userService.enableTwoFactor(input));
 }
 
+ /**
+ * A POST endpoint to disable TFA for a useer.
+ *
+ * @return the disabled response
+ */
+ @PostMapping("/disable-tfa") @ResponseBody @NonNull
+ public ResponseEntity> disableTwoFactor() {
+ userService.disableTwoFactor();
+ return ResponseEntity.ok(Map.of("success", true));
+ }
+
 /**
 * A POST endpoint to logout the user.
 *
diff --git a/src/main/java/cc/pulseapp/api/model/user/User.java b/src/main/java/cc/pulseapp/api/model/user/User.java
index 871e8ee..420b1fc 100644
--- a/src/main/java/cc/pulseapp/api/model/user/User.java
+++ b/src/main/java/cc/pulseapp/api/model/user/User.java
@@ -78,6 +78,15 @@ public final class User {
 flags |= flag.bitwise();
 }
 
+ /**
+ * Remove a flag from this user.
+ *
+ * @param flag the flag to remove
+ */
+ public void removeFlag(@NonNull UserFlag flag) {
+ flags &= ~flag.bitwise();
+ }
+
 /**
 * Check if this user has a given flag.
 *
diff --git a/src/main/java/cc/pulseapp/api/service/UserService.java b/src/main/java/cc/pulseapp/api/service/UserService.java
index 16c32c2..0b1b100 100644
--- a/src/main/java/cc/pulseapp/api/service/UserService.java
+++ b/src/main/java/cc/pulseapp/api/service/UserService.java
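Review bot: `disableTwoFactor()` in UserController.java takes no request body, so `POST /disable-tfa` removes the second factor on the strength of the session alone, and a stolen or unattended session is enough to downgrade the account. The neighbouring enable endpoint passes an `input` object to the service; the disable path should likewise require proof of possession (the current TOTP code, a backup code, or the password) and have `UserService.disableTwoFactor` verify it before clearing anything — the same gap is in the UserService.java hunk. If authentication is cookie-based (not visible in this patch), the body-less POST also needs CSRF protection. The Javadoc typo can be fixed in the same pass: `* A POST endpoint to disable TFA for a user.`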
@@ -222,6 +222,17 @@ public final class UserService {
 return originalBackupCodes;
 }
 
+ /**
+ * Disable two-factor auth for the
+ * currently authenticated user.
+ */
+ public void disableTwoFactor() {
+ User user = authService.getAuthenticatedUser();
+ user.setTfa(null);
+ user.removeFlag(UserFlag.TFA_ENABLED);
+ userRepository.save(user);
+ }
+
 /**
 * Logout the user.
 */
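Review bot: `disableTwoFactor()` in UserService clears the TFA state and saves unconditionally, so the call reports success even for a user who never had `UserFlag.TFA_ENABLED` set, and nothing records that a security control was turned off. I would reject or return early when the flag is absent (User.java documents a flag check right after `removeFlag`; its name is outside this diff) and emit an audit event or user notification after `userRepository.save(user)`. Whether `user.setTfa(null)` also discards the stored backup codes cannot be seen from this hunk; once confirmed, the Javadoc should say so, e.g. `* Clears the TFA secret and backup codes and removes the TFA_ENABLED flag.`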