Mirrors/sftpgo
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-07 06:40:54 +03:00
Code Issues Packages Projects Releases Wiki Activity

check admins' two-factor requirements in the disable API as well

Browse Source 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
This commit is contained in:
Nicola Murino
2024-02-22 19:05:16 +01:00
parent 9a6a65931e
commit 76ffa107dd
2 changed files with 31 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
internal/httpd/api_admin.go
View File

@@ -100,6 +100,13 @@ func disableAdmin2FA(w http.ResponseWriter, r *http.Request) {
sendAPIResponse(w, r, err, "", getRespStatus(err))
return
}
if admin.Username == claims.Username {
if admin.Filters.RequireTwoFactor {
err := util.NewValidationError("two-factor authentication must be enabled")
sendAPIResponse(w, r, err, "", getRespStatus(err))
return
}
}
admin.Filters.RecoveryCodes = nil
admin.Filters.TOTPConfig = dataprovider.AdminTOTPConfig{
Enabled: false,