diff --git a/action.php b/action.php
index 584963c..81ef92f 100644
--- a/action.php
+++ b/action.php
@@ -80,6 +80,14 @@ switch ($VARS['action']) {
$database->delete('accounts', ['uid' => $VARS['id']]);
insertAuthLog(16, $_SESSION['uid'], $olddata['username'] . ", " . $olddata['realname'] . ", " . $olddata['email'] . ", " . $olddata['acctstatus']);
returnToSender("user_deleted");
+ case "rmtotp":
+ if ($database->has('accounts', ['uid' => $VARS['id']]) !== TRUE) {
+ returnToSender("invalid_userid");
+ }
+ $u = $database->get('accounts', 'username', ['uid' => $VARS['id']]);
+ $database->update('accounts', ["authsecret" => null], ['uid' => $VARS['id']]);
+ insertAuthLog(10, $_SESSION['uid'], $u);
+ returnToSender("2fa_removed");
case "clearlog":
$rows = $database->count('authlog');
$database->delete('authlog');
diff --git a/lang/en_us.php b/lang/en_us.php
index 3c85967..97fd137 100644
--- a/lang/en_us.php
+++ b/lang/en_us.php
@@ -81,5 +81,9 @@ define("STRINGS", [
"permission does not exist" => "Permission does not exist.",
"really delete permission" => "Are you sure you want to revoke this permission?",
"permission added" => "Permission assigned.",
- "permission deleted" => "Permission deleted."
+ "permission deleted" => "Permission deleted.",
+ "remove 2fa" => "Reset 2FA",
+ "action performed by" => "Action performed by {user}",
+ "2fa removed" => "2-factor authentication removed.",
+ "2fa" => "2FA"
]);
\ No newline at end of file
diff --git a/lang/messages.php b/lang/messages.php
index 017f3bb..9e24716 100644
--- a/lang/messages.php
+++ b/lang/messages.php
@@ -53,4 +53,8 @@ define("MESSAGES", [
"string" => "permission deleted",
"type" => "success"
],
+ "2fa_removed" => [
+ "string" => "2fa removed",
+ "type" => "success"
+ ]
]);
diff --git a/lib/getusertable.php b/lib/getusertable.php
index 5000c42..9f729f1 100644
--- a/lib/getusertable.php
+++ b/lib/getusertable.php
@@ -30,9 +30,12 @@ switch ($VARS['order'][0]['column']) {
$order = ["email" => $sortby];
break;
case 5:
- $order = ["statuscode" => $sortby];
+ $order = ["authsecret" => $sortby];
break;
case 6:
+ $order = ["statuscode" => $sortby];
+ break;
+ case 7:
$order = ["typecode" => $sortby];
break;
}
@@ -67,6 +70,7 @@ $users = $database->select('accounts', [
'username',
'realname',
'email',
+ 'authsecret (2fa)',
'acctstatus',
'statuscode',
'accttype',
@@ -85,6 +89,7 @@ if ($filter) {
}
$out['recordsFiltered'] = $recordsFiltered;
for ($i = 0; $i < count($users); $i++) {
+ $users[$i]["2fa"] = (is_empty($users[$i]["2fa"]) ? false : true);
$users[$i]["editbtn"] = ' ' . lang("edit", false) . '';
}
$out['users'] = $users;
diff --git a/pages/edituser.php b/pages/edituser.php
index ac37f47..1bcc2a6 100644
--- a/pages/edituser.php
+++ b/pages/edituser.php
@@ -10,6 +10,7 @@ $userdata = [
'username' => '',
'realname' => '',
'email' => '',
+ 'authsecret' => '',
'acctstatus' => '',
'typecode' => 'LOCAL'
];
@@ -24,6 +25,7 @@ if (!is_empty($VARS['id'])) {
'username',
'realname',
'email',
+ 'authsecret',
'acctstatus',
'typecode'
], [
@@ -126,9 +128,16 @@ if ($userdata['typecode'] != "LOCAL") {
";
+ if (!is_empty($userdata['authsecret'])) {
+ ?>
+
+
-
+
";
}
?>
diff --git a/pages/users.php b/pages/users.php
index 14972b7..698cb30 100644
--- a/pages/users.php
+++ b/pages/users.php
@@ -14,6 +14,7 @@ redirectifnotloggedin();
| |
|
|
+ |
|
|
@@ -57,6 +58,7 @@ redirectifnotloggedin();
|
|
|
+ |
|
|
diff --git a/static/js/users.js b/static/js/users.js
index fa42843..698715e 100644
--- a/static/js/users.js
+++ b/static/js/users.js
@@ -40,6 +40,7 @@ $('#usertable').DataTable({
row.realname,
row.username,
row.email,
+ (row['2fa'] == true ? "" : ""),
row.statuscode,
row.typecode
]);