DragonByte Tech
Well-known member
At the moment, when you disable any given 2FA provider, it simply deletes the entity.
It would be great if you could add a new method to
Then above
Use case: I am working on integration with physical security keys, and I need to run certain clean-up actions to ensure that re-registering the device does not produce an error message.
Impact: The impact of adding this code should be minimal, as it is not an abstract method, and the default return value satisfies the
It would be great if you could add a new method to
\XF\Tfa\AbstractProvider like so:
PHP:
public function handleDisable(
\XF\Mvc\Controller $controller, \XF\Entity\TfaProvider $provider, \XF\Entity\User $user, array $config
)
{
return true;
}Then above
$userTfa->delete(); inside actionTwoStepDisable add something like this:
PHP:
/** @var \XF\Tfa\AbstractProvider $handler */
$handler = $provider->handler;
$result = $handler->handleDisable($this, $provider, \XF::visitor(), $userTfa->provider_data);
if (!$result)
{
return $this->redirect($this->buildLink('account/two-step'));
}Use case: I am working on integration with physical security keys, and I need to run certain clean-up actions to ensure that re-registering the device does not produce an error message.
Impact: The impact of adding this code should be minimal, as it is not an abstract method, and the default return value satisfies the
$result check. I don't believe this would constitute a breaking change nor would it require a great amount of testing, so there would not be a lot of QA testing opportunity cost.
Upvote
2
