From 2166c058f34dff6f91566930d12448805d829de7 Mon Sep 17 00:00:00 2001
From: Chocobozzz <me@florianbigard.com>
Date: Fri, 7 Oct 2022 14:23:42 +0200
Subject: Allow admins to disable two factor auth

---
 shared/server-commands/users/two-factor-command.ts | 21 +++++++++++++++++++--
 1 file changed, 19 insertions(+), 2 deletions(-)

(limited to 'shared/server-commands/users')

diff --git a/shared/server-commands/users/two-factor-command.ts b/shared/server-commands/users/two-factor-command.ts
index 6c9d270ae..5542acfda 100644
--- a/shared/server-commands/users/two-factor-command.ts
+++ b/shared/server-commands/users/two-factor-command.ts
@@ -21,7 +21,7 @@ export class TwoFactorCommand extends AbstractCommand {
 
   request (options: OverrideCommandOptions & {
     userId: number
-    currentPassword: string
+    currentPassword?: string
   }) {
     const { currentPassword, userId } = options
 
@@ -58,7 +58,7 @@ export class TwoFactorCommand extends AbstractCommand {
 
   disable (options: OverrideCommandOptions & {
     userId: number
-    currentPassword: string
+    currentPassword?: string
   }) {
     const { userId, currentPassword } = options
     const path = '/api/v1/users/' + userId + '/two-factor/disable'
@@ -72,4 +72,21 @@ export class TwoFactorCommand extends AbstractCommand {
       defaultExpectedStatus: HttpStatusCode.NO_CONTENT_204
     })
   }
+
+  async requestAndConfirm (options: OverrideCommandOptions & {
+    userId: number
+    currentPassword?: string
+  }) {
+    const { userId, currentPassword } = options
+
+    const { otpRequest } = await this.request({ userId, currentPassword })
+
+    await this.confirmRequest({
+      userId,
+      requestToken: otpRequest.requestToken,
+      otpToken: TwoFactorCommand.buildOTP({ secret: otpRequest.secret }).generate()
+    })
+
+    return otpRequest
+  }
 }
-- 
cgit v1.2.3