From 0ed2834c2deac6e48ec09e7dd6fd9b71bc88d175 Mon Sep 17 00:00:00 2001 From: Jay Pfaffman Date: Thu, 12 Jul 2018 10:20:45 +0200 Subject: [PATCH] FEATURE: Add users:disable_2factor rake task https://meta.discourse.org/t/admin-locked-out-of-2fa/92156/2?u=pfaffman --- app/models/user_second_factor.rb | 13 ++++++++----- lib/tasks/users.rake | 8 ++++++++ 2 files changed, 16 insertions(+), 5 deletions(-) diff --git a/app/models/user_second_factor.rb b/app/models/user_second_factor.rb index f70d4edfbec..6ca613a8f6a 100644 --- a/app/models/user_second_factor.rb +++ b/app/models/user_second_factor.rb @@ -1,6 +1,13 @@ class UserSecondFactor < ActiveRecord::Base belongs_to :user - scope :backup_codes, -> { where(method: 2, enabled: true) } + + scope :totp, -> do + where(method: UserSecondFactor.methods[:totp]) + end + + scope :backup_codes, -> do + where(method: UserSecondFactor.methods[:backup_codes], enabled: true) + end def self.methods @methods ||= Enum.new( @@ -9,10 +16,6 @@ class UserSecondFactor < ActiveRecord::Base ) end - def self.totp - where(method: 1).first - end - end # == Schema Information diff --git a/lib/tasks/users.rake b/lib/tasks/users.rake index b3abf85d78a..84f49e7951e 100644 --- a/lib/tasks/users.rake +++ b/lib/tasks/users.rake @@ -135,6 +135,14 @@ GROUP BY p.user_id puts 'Done!', '' end +desc "Disable 2FA for user with the given username" +task "users:disable_2fa", [:username] => [:environment] do |_, args| + username = args[:username] + user = find_user(username) + UserSecondFactor.totp.where(user_id: user.id).each(&:destroy!) + puts "2FA disabled for #{username}" +end + def find_user(username) user = User.find_by_username(username)