diff options
| author | Joram Wilander <jwawilander@gmail.com> | 2016-12-12 08:16:10 -0500 |
|---|---|---|
| committer | enahum <nahumhbl@gmail.com> | 2016-12-12 10:16:10 -0300 |
| commit | 30a10d35a8406f4af96fcc8200c4e2173856837d (patch) | |
| tree | a2cc82592b3c7f6b6901d64fb4a3003180b7b154 /store | |
| parent | f0d71d87899967335210b9130a7e2b8d180bef46 (diff) | |
| download | chat-30a10d35a8406f4af96fcc8200c4e2173856837d.tar.gz chat-30a10d35a8406f4af96fcc8200c4e2173856837d.tar.bz2 chat-30a10d35a8406f4af96fcc8200c4e2173856837d.zip | |
PLT-4767 Implement MFA Enforcement (#4662)
* Create MFA setup page and remove MFA setup from account settings modal
* Add enforce MFA to system console and force redirect
* Lockdown mfa required API routes, add localization, other changes
* Minor fixes
* Fix typo
* Fix some unit tests
* Fix more unit tests
* Minor fix
* Updating UI for MFA screen (#4670)
* Updating UI for MFA screen
* Updating styles for MFA page
* Add the ability to switch between email/sso with MFA enabled
* Added mfa change email
* Minor UI updates for MFA enforcement
* Fix unit test
* Fix client unit test
* Allow switching email to ldap and back when MFA is enabled
* Fix unit test
* Revert config.json
Diffstat (limited to 'store')
| -rw-r--r-- | store/sql_user_store.go | 6 | ||||
| -rw-r--r-- | store/sql_user_store_test.go | 2 | ||||
| -rw-r--r-- | store/store.go | 2 |
3 files changed, 7 insertions, 3 deletions
diff --git a/store/sql_user_store.go b/store/sql_user_store.go index 3fddfb77d..286b6551a 100644 --- a/store/sql_user_store.go +++ b/store/sql_user_store.go @@ -275,7 +275,7 @@ func (us SqlUserStore) UpdateFailedPasswordAttempts(userId string, attempts int) return storeChannel } -func (us SqlUserStore) UpdateAuthData(userId string, service string, authData *string, email string) StoreChannel { +func (us SqlUserStore) UpdateAuthData(userId string, service string, authData *string, email string, resetMfa bool) StoreChannel { storeChannel := make(StoreChannel, 1) @@ -301,6 +301,10 @@ func (us SqlUserStore) UpdateAuthData(userId string, service string, authData *s query += ", Email = :Email" } + if resetMfa { + query += ", MfaActive = false, MfaSecret = ''" + } + query += " WHERE Id = :UserId" if _, err := us.GetMaster().Exec(query, map[string]interface{}{"LastPasswordUpdate": updateAt, "UpdateAt": updateAt, "UserId": userId, "AuthService": service, "AuthData": authData, "Email": email}); err != nil { diff --git a/store/sql_user_store_test.go b/store/sql_user_store_test.go index acd87a036..56d9c0a6a 100644 --- a/store/sql_user_store_test.go +++ b/store/sql_user_store_test.go @@ -756,7 +756,7 @@ func TestUserStoreUpdateAuthData(t *testing.T) { service := "someservice" authData := model.NewId() - if err := (<-store.User().UpdateAuthData(u1.Id, service, &authData, "")).Err; err != nil { + if err := (<-store.User().UpdateAuthData(u1.Id, service, &authData, "", true)).Err; err != nil { t.Fatal(err) } diff --git a/store/store.go b/store/store.go index 0f9b20ed8..ffc325eea 100644 --- a/store/store.go +++ b/store/store.go @@ -143,7 +143,7 @@ type UserStore interface { UpdateLastPictureUpdate(userId string) StoreChannel UpdateUpdateAt(userId string) StoreChannel UpdatePassword(userId, newPassword string) StoreChannel - UpdateAuthData(userId string, service string, authData *string, email string) StoreChannel + UpdateAuthData(userId string, service string, authData *string, email string, resetMfa bool) StoreChannel UpdateMfaSecret(userId, secret string) StoreChannel UpdateMfaActive(userId string, active bool) StoreChannel Get(id string) StoreChannel |