Add option to disable totp for everyone

This commit is contained in:
kolaente 2020-05-29 17:15:59 +02:00
parent a0fb8bd32d
commit 5a04f1ecf4
No known key found for this signature in database
GPG key ID: F40E70337AB24C9B
6 changed files with 20 additions and 5 deletions

View file

@ -30,6 +30,8 @@ service:
timezone: GMT timezone: GMT
# Whether task comments should be enabled or not # Whether task comments should be enabled or not
enabletaskcomments: true enabletaskcomments: true
# Whether totp is enabled. In most cases you want to leave that enabled.
enabletotp: true
database: database:
# Database type to use. Supported types are mysql, postgres and sqlite. # Database type to use. Supported types are mysql, postgres and sqlite.

View file

@ -73,6 +73,8 @@ service:
timezone: GMT timezone: GMT
# Whether task comments should be enabled or not # Whether task comments should be enabled or not
enabletaskcomments: true enabletaskcomments: true
# Whether totp is enabled. In most cases you want to leave that enabled.
enabletotp: true
database: database:
# Database type to use. Supported types are mysql, postgres and sqlite. # Database type to use. Supported types are mysql, postgres and sqlite.

View file

@ -48,6 +48,7 @@ const (
ServiceEnableTaskAttachments Key = `service.enabletaskattachments` ServiceEnableTaskAttachments Key = `service.enabletaskattachments`
ServiceTimeZone Key = `service.timezone` ServiceTimeZone Key = `service.timezone`
ServiceEnableTaskComments Key = `service.enabletaskcomments` ServiceEnableTaskComments Key = `service.enabletaskcomments`
ServiceEnableTotp Key = `service.enabletotp`
DatabaseType Key = `database.type` DatabaseType Key = `database.type`
DatabaseHost Key = `database.host` DatabaseHost Key = `database.host`
@ -188,6 +189,7 @@ func InitDefaultConfig() {
ServiceEnableTaskAttachments.setDefault(true) ServiceEnableTaskAttachments.setDefault(true)
ServiceTimeZone.setDefault("GMT") ServiceTimeZone.setDefault("GMT")
ServiceEnableTaskComments.setDefault(true) ServiceEnableTaskComments.setDefault(true)
ServiceEnableTotp.setDefault(true)
// Database // Database
DatabaseType.setDefault("sqlite") DatabaseType.setDefault("sqlite")

View file

@ -35,6 +35,7 @@ type vikunjaInfos struct {
AvailableMigrators []string `json:"available_migrators"` AvailableMigrators []string `json:"available_migrators"`
TaskAttachmentsEnabled bool `json:"task_attachments_enabled"` TaskAttachmentsEnabled bool `json:"task_attachments_enabled"`
EnabledBackgroundProviders []string `json:"enabled_background_providers"` EnabledBackgroundProviders []string `json:"enabled_background_providers"`
TotpEnabled bool `json:"totp_enabled"`
} }
// Info is the handler to get infos about this vikunja instance // Info is the handler to get infos about this vikunja instance
@ -53,6 +54,7 @@ func Info(c echo.Context) error {
MaxFileSize: config.FilesMaxSize.GetString(), MaxFileSize: config.FilesMaxSize.GetString(),
RegistrationEnabled: config.ServiceEnableRegistration.GetBool(), RegistrationEnabled: config.ServiceEnableRegistration.GetBool(),
TaskAttachmentsEnabled: config.ServiceEnableTaskAttachments.GetBool(), TaskAttachmentsEnabled: config.ServiceEnableTaskAttachments.GetBool(),
TotpEnabled: config.ServiceEnableTotp.GetBool(),
} }
// Migrators // Migrators

View file

@ -213,11 +213,14 @@ func registerAPIRoutes(a *echo.Group) {
u.GET("s", apiv1.UserList) u.GET("s", apiv1.UserList)
u.POST("/token", apiv1.RenewToken) u.POST("/token", apiv1.RenewToken)
u.POST("/settings/email", apiv1.UpdateUserEmail) u.POST("/settings/email", apiv1.UpdateUserEmail)
u.GET("/settings/totp", apiv1.UserTOTP)
u.POST("/settings/totp/enroll", apiv1.UserTOTPEnroll) if config.ServiceEnableTotp.GetBool() {
u.POST("/settings/totp/enable", apiv1.UserTOTPEnable) u.GET("/settings/totp", apiv1.UserTOTP)
u.POST("/settings/totp/disable", apiv1.UserTOTPDisable) u.POST("/settings/totp/enroll", apiv1.UserTOTPEnroll)
u.GET("/settings/totp/qrcode", apiv1.UserTOTPQrCode) u.POST("/settings/totp/enable", apiv1.UserTOTPEnable)
u.POST("/settings/totp/disable", apiv1.UserTOTPDisable)
u.GET("/settings/totp/qrcode", apiv1.UserTOTPQrCode)
}
listHandler := &handler.WebHandler{ listHandler := &handler.WebHandler{
EmptyStruct: func() handler.CObject { EmptyStruct: func() handler.CObject {

View file

@ -17,6 +17,7 @@
package user package user
import ( import (
"code.vikunja.io/api/pkg/config"
"github.com/pquerna/otp" "github.com/pquerna/otp"
"github.com/pquerna/otp/totp" "github.com/pquerna/otp/totp"
"image" "image"
@ -46,6 +47,9 @@ type TOTPPasscode struct {
// TOTPEnabledForUser checks if totp is enabled for a user - not if it is activated, use GetTOTPForUser to check that. // TOTPEnabledForUser checks if totp is enabled for a user - not if it is activated, use GetTOTPForUser to check that.
func TOTPEnabledForUser(user *User) (bool, error) { func TOTPEnabledForUser(user *User) (bool, error) {
if !config.ServiceEnableTotp.GetBool() {
return false, nil
}
return x.Where("user_id = ?", user.ID).Exist(&TOTP{}) return x.Where("user_id = ?", user.ID).Exist(&TOTP{})
} }