Commit 4770ce8c authored by ale's avatar ale

Wipe U2F keys too when disabling 2FA

parent 458fbb99
......@@ -320,6 +320,14 @@ func (s *AccountService) disable2FA(ctx context.Context, tx TX, user *User) erro
return newBackendError(err)
}
// Disable U2F.
if len(user.U2FRegistrations) > 0 {
user.U2FRegistrations = nil
if err := tx.UpdateUser(ctx, user); err != nil {
return newBackendError(err)
}
}
// Wipe all app-specific passwords.
for _, asp := range user.AppSpecificPasswords {
if err := tx.DeleteApplicationSpecificPassword(ctx, user, asp.ID); err != nil {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment