49 lines
1.3 KiB
Go
49 lines
1.3 KiB
Go
package web
|
|
|
|
import (
|
|
"log"
|
|
"net/http"
|
|
|
|
"code.lila.network/adoralaura/go-urlsh/internal/constants"
|
|
"code.lila.network/adoralaura/go-urlsh/internal/db"
|
|
"code.lila.network/adoralaura/go-urlsh/internal/misc"
|
|
"github.com/gofiber/fiber/v2"
|
|
)
|
|
|
|
// HandleAdminAccountMFARemove is a DELETE endpoint that handles the deletion
|
|
// of the logged in users MFA configuration.
|
|
//
|
|
// Returns HTTP 401 if no valid user cookie, HTTP 400 if no MFA is configured for the user,
|
|
// HTTP 500 if a DB error happened or HTTP 204 if the deletion request succeeded.
|
|
func HandleAdminAccountMFARemove(c *fiber.Ctx) error {
|
|
|
|
if !db.IsCookieValid(c.Cookies(constants.LoginCookieName, "")) {
|
|
c.Status(http.StatusUnauthorized)
|
|
return nil
|
|
}
|
|
|
|
user, err := db.GetUserFromCookie(c.Cookies(constants.LoginCookieName))
|
|
if err != nil {
|
|
log.Println(err)
|
|
return fiber.NewError(fiber.StatusInternalServerError, "500 Internal Server Error")
|
|
}
|
|
|
|
hasMfa, err := db.UserHasMFA(user)
|
|
if err != nil {
|
|
log.Println(err)
|
|
return fiber.NewError(fiber.StatusInternalServerError, "500 Internal Server Error")
|
|
}
|
|
|
|
if !hasMfa {
|
|
return misc.New400Error()
|
|
}
|
|
|
|
err = db.RemoveMFAFromDB(user)
|
|
if err != nil {
|
|
log.Println(err)
|
|
return fiber.NewError(fiber.StatusInternalServerError, "500 Internal Server Error")
|
|
}
|
|
|
|
c.Status(fiber.StatusNoContent)
|
|
return nil
|
|
}
|