Commit bd22a157 authored by ale's avatar ale
Browse files

Reset 2FA on successful account recovery

parent e51d1052
Pipeline #431 passed with stages
in 1 minute and 24 seconds
......@@ -3,6 +3,13 @@
{{define "content"}}
<h1>Your password has been reset</h1>
{{if .Had2FA}}
Two-factor authentication has been disabled to allow you to
login. You should set it up again once you have logged in.
<a href="/account/overview">
Click here to go to the login page.
......@@ -99,11 +99,19 @@ func (s *Service) handlePasswordResetAction(w http.ResponseWriter, r *http.Reque
"User": user,
"Action": action,
"Form": &form,
"Had2FA": false,
if web.ValidateOnSubmit(r, &form, tplCtx) {
if err := user.SetPassword(form.Password); err != nil {
return err
// Disable 2FA.
// TODO: clear up U2F registrations, too.
if user.Has2FA() {
user.OTPEnabled = false
user.U2FEnabled = false
tplCtx["Had2FA"] = true
if err := txn.UpdateUser(user); err != nil {
return err
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment