Add mfa reset button for admin s on user profile edit

2026-05-04 18:08:46 +03:00 · 2026-03-11 12:30:59 -03:00
parent 151823b84e
commit e3fcd26f12
4 changed files with 39 additions and 0 deletions
--- a/app/Users/Controllers/UserController.php
+++ b/app/Users/Controllers/UserController.php
@@ -208,4 +208,17 @@ class UserController extends Controller

        return redirect('/settings/users');
    }
+
+    /**
+     * Reset MFA for the specified user.
+     */
+    public function resetMfa(Request $request, int $id)
+    {
+        $this->checkPermission(Permission::UsersManage);
+        $user = $this->userRepo->getById($id);
+        // Resetear el 2FA del usuario 
+        $user->mfaValues()->delete();
+        session()->flash('success', trans('settings.users_mfa_reset_success', ['userName' => $user->name]));
+        return redirect()->back();
+    }
 }
--- a/lang/en/settings.php
+++ b/lang/en/settings.php
@@ -263,6 +263,11 @@ return [
    'users_mfa_desc' => 'Setup multi-factor authentication as an extra layer of security for your user account.',
    'users_mfa_x_methods' => ':count method configured|:count methods configured',
    'users_mfa_configure' => 'Configure Methods',
+    'users_mfa_reset' => 'Reset 2FA',
+    'users_mfa_reset_desc' => 'Reset and clear all configured MFA methods for :userName. They will be prompted to reconfigure on next login.',
+    'users_mfa_reset_confirm' => 'Are you sure you want to reset 2FA for :userName?',
+    'users_mfa_reset_success' => '2FA has been reset for :userName',
+    'users_mfa_reset_error' => 'Failed to reset 2FA for :userName',

    // API Tokens
    'user_api_token_create' => 'Create API Token',
--- a/resources/views/users/edit.blade.php
+++ b/resources/views/users/edit.blade.php
@@ -71,6 +71,26 @@
                </div>
            </div>

+            @if(user()->hasSystemRole('admin'))
+                <div class="mt-xl">
+                    <hr class="my-m">
+                    <div class="grid half gap-xl v-center">
+                        <div>
+                            <strong class="text-neg">{{ trans('settings.users_mfa_reset') }}</strong>
+                            <p class="text-small text-muted">{{ trans('settings.users_mfa_reset_desc', ['userName' => $user->name]) }}</p>
+                        </div>
+                        <div class="text-m-right">
+                            <form action="{{ url("/settings/users/{$user->id}/reset-mfa") }}" method="POST" style="display: inline;">
+                                @csrf
+                                <button type="submit" class="button neg" 
+                                        onclick="return confirm('{{ trans('settings.users_mfa_reset_confirm', ['userName' => $user->name]) }}')">
+                                    {{ trans('settings.users_mfa_reset') }}
+                                </button>
+                            </form>
+                        </div>
+                    </div>
+                </div>
+            @endif
        </section>

        @if(count($activeSocialDrivers) > 0)
--- a/routes/web.php
+++ b/routes/web.php
@@ -251,6 +251,7 @@ Route::middleware('auth')->group(function () {
    Route::get('/settings/users/{id}', [UserControllers\UserController::class, 'edit']);
    Route::put('/settings/users/{id}', [UserControllers\UserController::class, 'update']);
    Route::delete('/settings/users/{id}', [UserControllers\UserController::class, 'destroy']);
+    Route::post('/settings/users/{id}/reset-mfa', [UserControllers\UserController::class, 'resetMfa']);

    // User Account
    Route::get('/my-account', [UserControllers\UserAccountController::class, 'redirect']);