diff options
Diffstat (limited to 'app/models/user.rb')
-rw-r--r-- | app/models/user.rb | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/app/models/user.rb b/app/models/user.rb index a05d98d88..77b50d966 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -40,6 +40,7 @@ # approved :boolean default(TRUE), not null # sign_in_token :string # sign_in_token_sent_at :datetime +# webauthn_id :string # class User < ApplicationRecord @@ -77,6 +78,7 @@ class User < ApplicationRecord has_many :backups, inverse_of: :user has_many :invites, inverse_of: :user has_many :markers, inverse_of: :user, dependent: :destroy + has_many :webauthn_credentials, dependent: :destroy has_one :invite_request, class_name: 'UserInviteRequest', inverse_of: :user, dependent: :destroy accepts_nested_attributes_for :invite_request, reject_if: ->(attributes) { attributes['text'].blank? } @@ -198,9 +200,25 @@ class User < ApplicationRecord prepare_returning_user! end + def otp_enabled? + otp_required_for_login + end + + def webauthn_enabled? + webauthn_credentials.any? + end + + def two_factor_enabled? + otp_required_for_login? || webauthn_credentials.any? + end + def disable_two_factor! self.otp_required_for_login = false + self.otp_secret = nil otp_backup_codes&.clear + + webauthn_credentials.destroy_all if webauthn_enabled? + save! end |