المهمة "users:disable_2fa" لا تعطل مفاتيح الأمان

pfaffman · 28 فبراير 2023، 7:55م

discourse/discourse/blob/main/lib/tasks/users.rake#L153-L159


      
          desc "Disable 2FA for user with the given username"
          task "users:disable_2fa", [:username] => [:environment] do |_, args|
            username = args[:username]
            user = find_user(username)
            UserSecondFactor.where(user_id: user.id, method: UserSecondFactor.methods[:totp]).each(&:destroy!)
            puts "2FA disabled for #{username}"
          end

If the user has security keys, they are not deleted, so the user still can’t log in.

Unless UserSecondFactor is broken somehow, which seems unlikely, the security keys also need to be deleted, something like this:

UserSecurityKey.where(user_id: user.id).destroy_all

sam · 28 فبراير 2023، 11:30م

Sure seems like a reasonable improvement to the task, can you send a PR?

pfaffman · 1 مارس 2023، 12:01ص

If it were just just one line I’d have done it already, but I’ll really need to create a test or two, which is more daunting (and 4 the work!)

But maybe I can be a big boy.

Just one test that creates a 2fa key and then makes sure it gets cleared? And I guess there’s coffee to create a dummy key in the 2fa code somewhere?

pfaffman · 8 مارس 2023، 2:57م

Well, it doesn’t seem that there are any specs for this take task, so it’s just the single line:

JammyDodger · 18 مارس 2023، 8:00ص

This topic was automatically closed after 4 days. New replies are no longer allowed.

الموضوع		الردود	مرات العرض
Cannot disable 2FA for User Support	6	813	7 مارس 2021
Can't disable 2fa Bug	6	733	2 سبتمبر 2020
Admin locked out of site after deleting two-factor keys from prefs Bug	26	2232	8 ديسمبر 2022
Disable 2FA via console Self-Hosting how-to	0	2607	17 أبريل 2020
How can we disable 2FA for an user while we are using google auth2 login in Discourse? SSO	2	677	29 يوليو 2022

المهمة "users:disable_2fa" لا تعطل مفاتيح الأمان

الموضوعات ذات الصلة