Fixed 2FA reset button

This commit is contained in:
snipe 2018-02-26 15:43:49 -08:00
parent 9ee2c6be57
commit b4f704d7f1
3 changed files with 32 additions and 17 deletions

View file

@ -290,4 +290,32 @@ class UsersController extends Controller
$assets = Asset::where('assigned_to', '=', $id)->with('model')->get(); $assets = Asset::where('assigned_to', '=', $id)->with('model')->get();
return (new AssetsTransformer)->transformAssets($assets, $assets->count()); return (new AssetsTransformer)->transformAssets($assets, $assets->count());
} }
/**
* Reset the user's two-factor status
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v3.0]
* @param $userId
* @return string JSON
*/
public function postTwoFactorReset(Request $request)
{
$this->authorize('edit', User::class);
if ($request->has('id')) {
try {
$user = User::find($request->get('id'));
$user->two_factor_secret = null;
$user->two_factor_enrolled = 0;
$user->save();
return response()->json(['message' => trans('admin/settings/general.two_factor_reset_success')], 200);
} catch (\Exception $e) {
return response()->json(['message' => trans('admin/settings/general.two_factor_reset_error')], 500);
}
}
return response()->json(['message' => 'No ID provided'], 500);
}
} }

View file

@ -1138,23 +1138,6 @@ class UsersController extends Controller
} }
public function postTwoFactorReset(Request $request)
{
if (Gate::denies('users.edit')) {
return response()->json(['message' => trans('general.insufficient_permissions')], 500);
}
try {
$user = User::find($request->get('id'));
$user->two_factor_secret = null;
$user->two_factor_enrolled = 0;
$user->save();
return response()->json(['message' => trans('admin/settings/general.two_factor_reset_success')], 200);
} catch (\Exception $e) {
return response()->json(['message' => trans('admin/settings/general.two_factor_reset_error')], 500);
}
}
/** /**
* LDAP form processing. * LDAP form processing.
* *

View file

@ -627,6 +627,10 @@ $(document).ready(function() {
url: '{{ route('api.users.two_factor_reset', ['id'=> $user->id]) }}', url: '{{ route('api.users.two_factor_reset', ['id'=> $user->id]) }}',
type: 'POST', type: 'POST',
data: {}, data: {},
headers: {
"X-Requested-With": 'XMLHttpRequest',
"X-CSRF-TOKEN": $('meta[name="csrf-token"]').attr('content')
},
dataType: 'json', dataType: 'json',
success: function (data) { success: function (data) {