PLT-4767 Implement MFA Enforcement (#4662)

* Create MFA setup page and remove MFA setup from account settings modal

* Add enforce MFA to system console and force redirect

* Lockdown mfa required API routes, add localization, other changes

* Minor fixes

* Fix typo

* Fix some unit tests

* Fix more unit tests

* Minor fix

* Updating UI for MFA screen (#4670)

* Updating UI for MFA screen

* Updating styles for MFA page

* Add the ability to switch between email/sso with MFA enabled

* Added mfa change email

* Minor UI updates for MFA enforcement

* Fix unit test

* Fix client unit test

* Allow switching email to ldap and back when MFA is enabled

* Fix unit test

* Revert config.json

1 files changed, 6 insertions, 0 deletions

diff --git a/model/config.go b/model/config.go
index 6288a036b..7d3cb93d6 100644
--- a/model/config.go
+++ b/model/config.go
@@ -80,6 +80,7 @@ type ServiceSettings struct {
 	EnableSecurityFixAlert            *bool
 	EnableInsecureOutgoingConnections *bool
 	EnableMultifactorAuthentication   *bool
+	EnforceMultifactorAuthentication  *bool
 	AllowCorsFrom                     *string
 	SessionLengthWebInDays            *int
 	SessionLengthMobileInDays         *int
@@ -434,6 +435,11 @@ func (o *Config) SetDefaults() {
 		*o.ServiceSettings.EnableMultifactorAuthentication = false
 	}
 
+	if o.ServiceSettings.EnforceMultifactorAuthentication == nil {
+		o.ServiceSettings.EnforceMultifactorAuthentication = new(bool)
+		*o.ServiceSettings.EnforceMultifactorAuthentication = false
+	}
+
 	if o.PasswordSettings.MinimumLength == nil {
 		o.PasswordSettings.MinimumLength = new(int)
 		*o.PasswordSettings.MinimumLength = PASSWORD_MINIMUM_LENGTH