author | Joram Wilander <jwawilander@gmail.com> | 2017-03-13 08:29:56 -0400 |
---|---|---|
committer | George Goldberg <george@gberg.me> | 2017-03-13 12:29:56 +0000 |
commit | 8b0eedbbcd47ba09142c72a71969840aa6e121d2 (patch) | |
tree | 30c073e01dfbe40065aa2bb7900339362a57a07f /api4/user.go | |
parent | 1860d05d623b6fd7670121a7e2391605d1281b27 (diff) | |
Implement PUT /users/{user_id}/mfa endpoint for APIv4 (#5743)
Diffstat (limited to 'api4/user.go')
-rw-r--r-- | api4/user.go | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/api4/user.go b/api4/user.go
index b0063c657..7b8bfe65e 100644
--- a/api4/user.go
+++ b/api4/user.go
@@ -28,6 +28,7 @@ func InitUser() {
 BaseRoutes.User.Handle("/image", ApiSessionRequired(setProfileImage)).Methods("POST")
 BaseRoutes.User.Handle("", ApiSessionRequired(updateUser)).Methods("PUT")
 BaseRoutes.User.Handle("/patch", ApiSessionRequired(patchUser)).Methods("PUT")
+ BaseRoutes.User.Handle("/mfa", ApiSessionRequired(updateUserMfa)).Methods("PUT")
 BaseRoutes.User.Handle("", ApiSessionRequired(deleteUser)).Methods("DELETE")
 BaseRoutes.User.Handle("/roles", ApiSessionRequired(updateUserRoles)).Methods("PUT")
 BaseRoutes.User.Handle("/password", ApiSessionRequired(updatePassword)).Methods("PUT")
@@ -493,6 +494,45 @@ func updateUserRoles(c *Context, w http.ResponseWriter, r *http.Request) {
 ReturnStatusOK(w)
 }
 
+func updateUserMfa(c *Context, w http.ResponseWriter, r *http.Request) {
+ c.RequireUserId()
+ if c.Err != nil {
+ return
+ }
+
+ if !app.SessionHasPermissionToUser(c.Session, c.Params.UserId) {
+ c.SetPermissionError(model.PERMISSION_EDIT_OTHER_USERS)
+ return
+ }
+
+ props := model.StringInterfaceFromJson(r.Body)
+
+ activate, ok := props["activate"].(bool)
+ if !ok {
+ c.SetInvalidParam("activate")
+ return
+ }
+
+ code := ""
+ if activate {
+ code, ok = props["code"].(string)
+ if !ok || len(code) == 0 {
+ c.SetInvalidParam("code")
+ return
+ }
+ }
+
+ c.LogAudit("attempt")
+
+ if err := app.UpdateMfa(activate, c.Params.UserId, code, c.GetSiteURL()); err != nil {
+ c.Err = err
+ return
+ }
+
+ c.LogAudit("success - mfa updated")
+ ReturnStatusOK(w)
+}
+
 func updatePassword(c *Context, w http.ResponseWriter, r *http.Request) {
 c.RequireUserId()
 if c.Err != nil { |
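Review bot: The deactivation path in `updateUserMfa` asks for no proof beyond the session, because `code` is only read inside `if activate {` and a request with `activate` false reaches `app.UpdateMfa` with an empty code. Whether `app.UpdateMfa` verifies anything further when deactivating is not visible in this hunk; if it does not, a hijacked session is enough to strip the second factor from the account, so consider requiring the current code or password when `c.Session.UserId == c.Params.UserId` and `activate` is false. The audit entries also do not record which direction was requested, and the permission failure returns before `c.LogAudit("attempt")`, so denied attempts against another user's MFA may leave no audit record from this handler. Recording the direction, e.g. `c.LogAudit("attempt - activate=" + strconv.FormatBool(activate))`, would make MFA removals easy to find during an investigation.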