From bb2d8fed451803c31df51789e1e6133123ac6f45 Mon Sep 17 00:00:00 2001 From: Philippe Loctaux Date: Thu, 4 May 2023 21:28:07 +0200 Subject: [PATCH] admin/users: force delete totp secret, totp backup --- crates/ezidam/src/routes/admin.rs | 2 + crates/ezidam/src/routes/admin/users.rs | 80 +++++++++++++++++ .../pages/admin/users/view.html.tera | 90 +++++++++++++++++++ 3 files changed, 172 insertions(+) diff --git a/crates/ezidam/src/routes/admin.rs b/crates/ezidam/src/routes/admin.rs index 3451588..0edacea 100644 --- a/crates/ezidam/src/routes/admin.rs +++ b/crates/ezidam/src/routes/admin.rs @@ -28,6 +28,8 @@ pub fn routes() -> Vec { admin_users_archive, admin_users_password_reset, admin_users_paper_key_reset, + admin_users_totp_secret_disable, + admin_users_totp_backup_delete, ] } diff --git a/crates/ezidam/src/routes/admin/users.rs b/crates/ezidam/src/routes/admin/users.rs index 5bb8cb5..1c87c9c 100644 --- a/crates/ezidam/src/routes/admin/users.rs +++ b/crates/ezidam/src/routes/admin/users.rs @@ -351,6 +351,7 @@ pub async fn admin_users_paper_key_reset( .await? .ok_or_else(|| Error::not_found("Could not find user"))?; + // Delete paper key user.set_paper_key(&mut transaction, None).await?; transaction.commit().await?; @@ -366,3 +367,82 @@ pub async fn admin_users_paper_key_reset( flash_message, )) } + +#[derive(Debug, FromForm)] +pub struct TotpSecretDisableForm { + pub disable: Option, +} + +#[post("/admin/users//totp_secret", data = "
")] +pub async fn admin_users_totp_secret_disable( + _admin_not_current: JwtAdminNotCurrent, + mut db: Connection, + id: RocketUserID, + form: Form, +) -> Result> { + let (flash_kind, flash_message) = match form.disable { + Some(true) => { + let mut transaction = db.begin().await?; + + // Get user + let user = User::get_by_id(&mut transaction, &id.0) + .await? + .ok_or_else(|| Error::not_found("Could not find user"))?; + + // Delete totp secret + user.set_totp_secret(&mut transaction, None).await?; + + // Delete totp backup + user.set_totp_backup(&mut transaction, None).await?; + + transaction.commit().await?; + + (FlashKind::Success, "TOTP has been disabled.") + } + _ => (FlashKind::Warning, "Nothing to do."), + }; + + Ok(Flash::new( + Redirect::to(uri!(admin_users_view(id))), + flash_kind, + flash_message, + )) +} + +#[derive(Debug, FromForm)] +pub struct TotpBackupDeleteForm { + pub delete: Option, +} + +#[post("/admin/users//totp_backup", data = "")] +pub async fn admin_users_totp_backup_delete( + _admin_not_current: JwtAdminNotCurrent, + mut db: Connection, + id: RocketUserID, + form: Form, +) -> Result> { + let (flash_kind, flash_message) = match form.delete { + Some(true) => { + let mut transaction = db.begin().await?; + + // Get user + let user = User::get_by_id(&mut transaction, &id.0) + .await? + .ok_or_else(|| Error::not_found("Could not find user"))?; + + // Delete totp backup + user.set_totp_backup(&mut transaction, None).await?; + + transaction.commit().await?; + + (FlashKind::Success, "TOTP backup has been deleted.") + } + _ => (FlashKind::Warning, "Nothing to do."), + }; + + Ok(Flash::new( + Redirect::to(uri!(admin_users_view(id))), + flash_kind, + flash_message, + )) +} diff --git a/crates/ezidam/templates/pages/admin/users/view.html.tera b/crates/ezidam/templates/pages/admin/users/view.html.tera index be2d087..eebaeaa 100644 --- a/crates/ezidam/templates/pages/admin/users/view.html.tera +++ b/crates/ezidam/templates/pages/admin/users/view.html.tera @@ -429,6 +429,96 @@ + + + + + + + {% endblock content %} {% block libs_js %}